ramon-devise 0.4.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (92) hide show
  1. data/CHANGELOG.rdoc +109 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +243 -0
  4. data/Rakefile +45 -0
  5. data/TODO +8 -0
  6. data/app/controllers/confirmations_controller.rb +33 -0
  7. data/app/controllers/passwords_controller.rb +41 -0
  8. data/app/controllers/sessions_controller.rb +33 -0
  9. data/app/models/devise_mailer.rb +53 -0
  10. data/app/views/confirmations/new.html.erb +16 -0
  11. data/app/views/devise_mailer/confirmation_instructions.html.erb +5 -0
  12. data/app/views/devise_mailer/reset_password_instructions.html.erb +8 -0
  13. data/app/views/passwords/edit.html.erb +20 -0
  14. data/app/views/passwords/new.html.erb +16 -0
  15. data/app/views/sessions/new.html.erb +23 -0
  16. data/generators/devise/USAGE +5 -0
  17. data/generators/devise/devise_generator.rb +25 -0
  18. data/generators/devise/lib/route_devise.rb +32 -0
  19. data/generators/devise/templates/README +22 -0
  20. data/generators/devise/templates/migration.rb +20 -0
  21. data/generators/devise/templates/model.rb +5 -0
  22. data/generators/devise_install/USAGE +3 -0
  23. data/generators/devise_install/devise_install_generator.rb +9 -0
  24. data/generators/devise_install/templates/devise.rb +40 -0
  25. data/generators/devise_views/USAGE +3 -0
  26. data/generators/devise_views/devise_views_generator.rb +24 -0
  27. data/init.rb +2 -0
  28. data/lib/devise.rb +79 -0
  29. data/lib/devise/controllers/filters.rb +111 -0
  30. data/lib/devise/controllers/helpers.rb +130 -0
  31. data/lib/devise/controllers/url_helpers.rb +49 -0
  32. data/lib/devise/failure.rb +38 -0
  33. data/lib/devise/hooks/confirmable.rb +11 -0
  34. data/lib/devise/hooks/rememberable.rb +27 -0
  35. data/lib/devise/locales/en.yml +18 -0
  36. data/lib/devise/mapping.rb +120 -0
  37. data/lib/devise/migrations.rb +51 -0
  38. data/lib/devise/models.rb +105 -0
  39. data/lib/devise/models/authenticatable.rb +97 -0
  40. data/lib/devise/models/confirmable.rb +156 -0
  41. data/lib/devise/models/recoverable.rb +88 -0
  42. data/lib/devise/models/rememberable.rb +95 -0
  43. data/lib/devise/models/validatable.rb +36 -0
  44. data/lib/devise/rails.rb +17 -0
  45. data/lib/devise/rails/routes.rb +109 -0
  46. data/lib/devise/rails/warden_compat.rb +26 -0
  47. data/lib/devise/strategies/authenticatable.rb +46 -0
  48. data/lib/devise/strategies/base.rb +24 -0
  49. data/lib/devise/strategies/rememberable.rb +35 -0
  50. data/lib/devise/version.rb +3 -0
  51. data/lib/devise/warden.rb +24 -0
  52. data/test/controllers/filters_test.rb +103 -0
  53. data/test/controllers/helpers_test.rb +55 -0
  54. data/test/controllers/url_helpers_test.rb +47 -0
  55. data/test/devise_test.rb +72 -0
  56. data/test/failure_test.rb +34 -0
  57. data/test/integration/authenticatable_test.rb +187 -0
  58. data/test/integration/confirmable_test.rb +89 -0
  59. data/test/integration/recoverable_test.rb +131 -0
  60. data/test/integration/rememberable_test.rb +65 -0
  61. data/test/mailers/confirmation_instructions_test.rb +59 -0
  62. data/test/mailers/reset_password_instructions_test.rb +62 -0
  63. data/test/mapping_test.rb +101 -0
  64. data/test/models/authenticatable_test.rb +118 -0
  65. data/test/models/confirmable_test.rb +237 -0
  66. data/test/models/recoverable_test.rb +141 -0
  67. data/test/models/rememberable_test.rb +130 -0
  68. data/test/models/validatable_test.rb +99 -0
  69. data/test/models_test.rb +111 -0
  70. data/test/rails_app/app/controllers/admins_controller.rb +6 -0
  71. data/test/rails_app/app/controllers/application_controller.rb +10 -0
  72. data/test/rails_app/app/controllers/home_controller.rb +4 -0
  73. data/test/rails_app/app/controllers/users_controller.rb +7 -0
  74. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  75. data/test/rails_app/app/models/account.rb +3 -0
  76. data/test/rails_app/app/models/admin.rb +3 -0
  77. data/test/rails_app/app/models/organizer.rb +3 -0
  78. data/test/rails_app/app/models/user.rb +3 -0
  79. data/test/rails_app/config/boot.rb +110 -0
  80. data/test/rails_app/config/environment.rb +41 -0
  81. data/test/rails_app/config/environments/development.rb +17 -0
  82. data/test/rails_app/config/environments/production.rb +28 -0
  83. data/test/rails_app/config/environments/test.rb +28 -0
  84. data/test/rails_app/config/initializers/new_rails_defaults.rb +21 -0
  85. data/test/rails_app/config/initializers/session_store.rb +15 -0
  86. data/test/rails_app/config/routes.rb +18 -0
  87. data/test/routes_test.rb +79 -0
  88. data/test/support/assertions_helper.rb +22 -0
  89. data/test/support/integration_tests_helper.rb +66 -0
  90. data/test/support/model_tests_helper.rb +51 -0
  91. data/test/test_helper.rb +40 -0
  92. metadata +154 -0
@@ -0,0 +1,131 @@
1
+ require 'test/test_helper'
2
+
3
+ class PasswordTest < ActionController::IntegrationTest
4
+
5
+ def visit_new_password_path
6
+ visit new_user_session_path
7
+ click_link 'Forgot password?'
8
+ end
9
+
10
+ def request_forgot_password(&block)
11
+ visit_new_password_path
12
+
13
+ assert_response :success
14
+ assert_template 'passwords/new'
15
+ assert_not warden.authenticated?(:user)
16
+
17
+ fill_in 'email', :with => 'user@test.com'
18
+ yield if block_given?
19
+ click_button 'Send me reset password instructions'
20
+ end
21
+
22
+ def reset_password(options={}, &block)
23
+ unless options[:visit] == false
24
+ visit edit_user_password_path(:reset_password_token => options[:reset_password_token])
25
+ end
26
+ assert_response :success
27
+ assert_template 'passwords/edit'
28
+
29
+ fill_in 'Password', :with => '987654321'
30
+ fill_in 'Password confirmation', :with => '987654321'
31
+ yield if block_given?
32
+ click_button 'Change my password'
33
+ end
34
+
35
+ test 'authenticated user should not be able to visit forgot password page' do
36
+ sign_in_as_user
37
+ assert warden.authenticated?(:user)
38
+
39
+ get new_user_password_path
40
+
41
+ assert_response :redirect
42
+ assert_redirected_to root_path
43
+ end
44
+
45
+ test 'not authenticated user should be able to request a forgot password' do
46
+ create_user
47
+ request_forgot_password
48
+
49
+ assert_template 'sessions/new'
50
+ assert_contain 'You will receive an email with instructions about how to reset your password in a few minutes.'
51
+ end
52
+
53
+ test 'not authenticated user with invalid email should receive an error message' do
54
+ request_forgot_password do
55
+ fill_in 'email', :with => 'invalid.test@test.com'
56
+ end
57
+
58
+ assert_response :success
59
+ assert_template 'passwords/new'
60
+ assert_have_selector 'input[type=text][value=\'invalid.test@test.com\']'
61
+ assert_contain 'Email not found'
62
+ end
63
+
64
+ test 'authenticated user should not be able to visit edit password page' do
65
+ sign_in_as_user
66
+
67
+ get edit_user_password_path
68
+
69
+ assert_response :redirect
70
+ assert_redirected_to root_path
71
+ assert warden.authenticated?(:user)
72
+ end
73
+
74
+ test 'not authenticated user with invalid reset password token should not be able to change his password' do
75
+ user = create_user
76
+ reset_password :reset_password_token => 'invalid_reset_password'
77
+
78
+ assert_response :success
79
+ assert_template 'passwords/edit'
80
+ assert_have_selector '#errorExplanation'
81
+ assert_contain 'Reset password token is invalid'
82
+ assert_not user.reload.valid_password?('987654321')
83
+ end
84
+
85
+ test 'not authenticated user with valid reset password token but invalid password should not be able to change his password' do
86
+ user = create_user
87
+ request_forgot_password
88
+ reset_password :reset_password_token => user.reload.reset_password_token do
89
+ fill_in 'Password confirmation', :with => 'other_password'
90
+ end
91
+
92
+ assert_response :success
93
+ assert_template 'passwords/edit'
94
+ assert_have_selector '#errorExplanation'
95
+ assert_contain 'Password doesn\'t match confirmation'
96
+ assert_not user.reload.valid_password?('987654321')
97
+ end
98
+
99
+ test 'not authenticated user with valid data should be able to change his password' do
100
+ user = create_user
101
+ request_forgot_password
102
+ reset_password :reset_password_token => user.reload.reset_password_token
103
+
104
+ assert_template 'home/index'
105
+ assert_contain 'Your password was changed successfully.'
106
+ assert user.reload.valid_password?('987654321')
107
+ end
108
+
109
+ test 'after entering invalid data user should still be able to change his password' do
110
+ user = create_user
111
+ request_forgot_password
112
+ reset_password :reset_password_token => user.reload.reset_password_token do
113
+ fill_in 'Password confirmation', :with => 'other_password'
114
+ end
115
+ assert_response :success
116
+ assert_have_selector '#errorExplanation'
117
+ assert_not user.reload.valid_password?('987654321')
118
+
119
+ reset_password :reset_password_token => user.reload.reset_password_token, :visit => false
120
+ assert_contain 'Your password was changed successfully.'
121
+ assert user.reload.valid_password?('987654321')
122
+ end
123
+
124
+ test 'sign in user automatically after changing it\'s password' do
125
+ user = create_user
126
+ request_forgot_password
127
+ reset_password :reset_password_token => user.reload.reset_password_token
128
+
129
+ assert warden.authenticated?(:user)
130
+ end
131
+ end
@@ -0,0 +1,65 @@
1
+ require 'test/test_helper'
2
+
3
+ class RememberMeTest < ActionController::IntegrationTest
4
+
5
+ def create_user_and_remember(add_to_token='')
6
+ Devise.remember_for = 1
7
+ user = create_user
8
+ user.remember_me!
9
+ cookies['remember_token'] = User.serialize_into_cookie(user) + add_to_token
10
+ user
11
+ end
12
+
13
+ test 'do not remember the user if he has not checked remember me option' do
14
+ user = sign_in_as_user
15
+
16
+ assert_nil user.reload.remember_token
17
+ end
18
+
19
+ test 'generate remember token after sign in' do
20
+ user = sign_in_as_user :remember_me => true
21
+
22
+ assert_not_nil user.reload.remember_token
23
+ end
24
+
25
+ test 'remember the user before sign in' do
26
+ user = create_user_and_remember
27
+ get users_path
28
+ assert_response :success
29
+ assert warden.authenticated?(:user)
30
+ assert warden.user(:user) == user
31
+ end
32
+
33
+ test 'do not remember with invalid token' do
34
+ user = create_user_and_remember('add')
35
+ get users_path
36
+ assert_response :success
37
+ assert_not warden.authenticated?(:user)
38
+ end
39
+
40
+ test 'do not remember with token expired' do
41
+ user = create_user_and_remember
42
+ Devise.remember_for = 0
43
+ get users_path
44
+ assert_response :success
45
+ assert_not warden.authenticated?(:user)
46
+ end
47
+
48
+ test 'forget the user before sign out' do
49
+ user = create_user_and_remember
50
+ get users_path
51
+ assert warden.authenticated?(:user)
52
+ get destroy_user_session_path
53
+ assert_not warden.authenticated?(:user)
54
+ assert_nil user.reload.remember_token
55
+ end
56
+
57
+ test 'do not remember the user anymore after forget' do
58
+ user = create_user_and_remember
59
+ get users_path
60
+ assert warden.authenticated?(:user)
61
+ get destroy_user_session_path
62
+ get users_path
63
+ assert_not warden.authenticated?(:user)
64
+ end
65
+ end
@@ -0,0 +1,59 @@
1
+ require 'test/test_helper'
2
+
3
+ class ConfirmationInstructionsTest < ActionMailer::TestCase
4
+
5
+ def setup
6
+ setup_mailer
7
+ DeviseMailer.sender = 'test@example.com'
8
+ end
9
+
10
+ def user
11
+ @user ||= create_user
12
+ end
13
+
14
+ def mail
15
+ @mail ||= begin
16
+ user
17
+ ActionMailer::Base.deliveries.first
18
+ end
19
+ end
20
+
21
+ test 'email sent after creating the user' do
22
+ assert_not_nil mail
23
+ end
24
+
25
+ test 'content type should be set to html' do
26
+ assert_equal 'text/html', mail.content_type
27
+ end
28
+
29
+ test 'send confirmation instructions to the user email' do
30
+ mail
31
+ assert_equal [user.email], mail.to
32
+ end
33
+
34
+ test 'setup sender from configuration' do
35
+ assert_equal ['test@example.com'], mail.from
36
+ end
37
+
38
+ test 'setup subject from I18n' do
39
+ store_translations :en, :devise => { :mailer => { :confirmation_instructions => 'Account Confirmation' } } do
40
+ assert_equal 'Account Confirmation', mail.subject
41
+ end
42
+ end
43
+
44
+ test 'subject namespaced by model' do
45
+ store_translations :en, :devise => { :mailer => { :user => { :confirmation_instructions => 'User Account Confirmation' } } } do
46
+ assert_equal 'User Account Confirmation', mail.subject
47
+ end
48
+ end
49
+
50
+ test 'body should have user info' do
51
+ assert_match /#{user.email}/, mail.body
52
+ end
53
+
54
+ test 'body should have link to confirm the account' do
55
+ host = ActionMailer::Base.default_url_options[:host]
56
+ confirmation_url_regexp = %r{<a href=\"http://#{host}/users/confirmation\?confirmation_token=#{user.confirmation_token}">}
57
+ assert_match confirmation_url_regexp, mail.body
58
+ end
59
+ end
@@ -0,0 +1,62 @@
1
+ require 'test/test_helper'
2
+
3
+ class ResetPasswordInstructionsTest < ActionMailer::TestCase
4
+
5
+ def setup
6
+ setup_mailer
7
+ DeviseMailer.sender = 'test@example.com'
8
+ end
9
+
10
+ def user
11
+ @user ||= begin
12
+ user = create_user
13
+ user.send_reset_password_instructions
14
+ user
15
+ end
16
+ end
17
+
18
+ def mail
19
+ @mail ||= begin
20
+ user
21
+ ActionMailer::Base.deliveries.last
22
+ end
23
+ end
24
+
25
+ test 'email sent after reseting the user password' do
26
+ assert_not_nil mail
27
+ end
28
+
29
+ test 'content type should be set to html' do
30
+ assert_equal 'text/html', mail.content_type
31
+ end
32
+
33
+ test 'send confirmation instructions to the user email' do
34
+ assert_equal [user.email], mail.to
35
+ end
36
+
37
+ test 'setup sender from configuration' do
38
+ assert_equal ['test@example.com'], mail.from
39
+ end
40
+
41
+ test 'setup subject from I18n' do
42
+ store_translations :en, :devise => { :mailer => { :reset_password_instructions => 'Reset instructions' } } do
43
+ assert_equal 'Reset instructions', mail.subject
44
+ end
45
+ end
46
+
47
+ test 'subject namespaced by model' do
48
+ store_translations :en, :devise => { :mailer => { :user => { :reset_password_instructions => 'User Reset Instructions' } } } do
49
+ assert_equal 'User Reset Instructions', mail.subject
50
+ end
51
+ end
52
+
53
+ test 'body should have user info' do
54
+ assert_match /#{user.email}/, mail.body
55
+ end
56
+
57
+ test 'body should have link to confirm the account' do
58
+ host = ActionMailer::Base.default_url_options[:host]
59
+ reset_url_regexp = %r{<a href=\"http://#{host}/users/password/edit\?reset_password_token=#{user.reset_password_token}">}
60
+ assert_match reset_url_regexp, mail.body
61
+ end
62
+ end
@@ -0,0 +1,101 @@
1
+ require 'test/test_helper'
2
+
3
+ class MappingTest < ActiveSupport::TestCase
4
+
5
+ test 'store options' do
6
+ mapping = Devise.mappings[:user]
7
+
8
+ assert_equal User, mapping.to
9
+ assert_equal User.devise_modules, mapping.for
10
+ assert_equal :users, mapping.as
11
+ end
12
+
13
+ test 'allows as to be given' do
14
+ assert_equal :admin_area, Devise.mappings[:admin].as
15
+ end
16
+
17
+ test 'allow custom singular to be given' do
18
+ assert_equal :organizers, Devise.mappings[:manager].as
19
+ end
20
+
21
+ test 'allows a controller depending on the mapping' do
22
+ mapping = Devise.mappings[:user]
23
+ assert mapping.allows?(:sessions)
24
+ assert mapping.allows?(:confirmations)
25
+ assert mapping.allows?(:passwords)
26
+
27
+ mapping = Devise.mappings[:admin]
28
+ assert mapping.allows?(:sessions)
29
+ assert_not mapping.allows?(:confirmations)
30
+ assert_not mapping.allows?(:passwords)
31
+ end
32
+
33
+ test 'return mapping by path' do
34
+ assert_nil Devise::Mapping.find_by_path("/foo/bar")
35
+ assert_equal Devise.mappings[:user], Devise::Mapping.find_by_path("/users/session")
36
+ end
37
+
38
+ test 'return mapping by customized path' do
39
+ assert_equal Devise.mappings[:admin], Devise::Mapping.find_by_path("/admin_area/session")
40
+ end
41
+
42
+ test 'return default path names' do
43
+ mapping = Devise.mappings[:user]
44
+ assert_equal 'sign_in', mapping.path_names[:sign_in]
45
+ assert_equal 'sign_out', mapping.path_names[:sign_out]
46
+ assert_equal 'password', mapping.path_names[:password]
47
+ assert_equal 'confirmation', mapping.path_names[:confirmation]
48
+ end
49
+
50
+ test 'allow custom path names to be given' do
51
+ mapping = Devise.mappings[:account]
52
+ assert_equal 'login', mapping.path_names[:sign_in]
53
+ assert_equal 'logout', mapping.path_names[:sign_out]
54
+ assert_equal 'secret', mapping.path_names[:password]
55
+ assert_equal 'verification', mapping.path_names[:confirmation]
56
+ end
57
+
58
+ test 'has an empty path as default path prefix' do
59
+ mapping = Devise.mappings[:account]
60
+ assert_equal '/', mapping.path_prefix
61
+ end
62
+
63
+ test 'allow path prefix to be configured' do
64
+ mapping = Devise.mappings[:manager]
65
+ assert_equal '/:locale/', mapping.path_prefix
66
+ end
67
+
68
+ test 'retrieve as from the proper position' do
69
+ assert_equal 1, Devise.mappings[:account].as_position
70
+ assert_equal 2, Devise.mappings[:manager].as_position
71
+ end
72
+
73
+ test 'raw path is returned' do
74
+ assert_equal '/account', Devise.mappings[:account].raw_path
75
+ assert_equal '/:locale/organizers', Devise.mappings[:manager].raw_path
76
+ end
77
+
78
+ test 'parsed path is returned' do
79
+ begin
80
+ Devise.default_url_options {{ :locale => I18n.locale }}
81
+ assert_equal '/account', Devise.mappings[:account].parsed_path
82
+ assert_equal '/en/organizers', Devise.mappings[:manager].parsed_path
83
+ ensure
84
+ Devise.default_url_options {{ }}
85
+ end
86
+ end
87
+
88
+ test 'magic predicates' do
89
+ mapping = Devise.mappings[:user]
90
+ assert mapping.authenticatable?
91
+ assert mapping.confirmable?
92
+ assert mapping.recoverable?
93
+ assert mapping.rememberable?
94
+
95
+ mapping = Devise.mappings[:admin]
96
+ assert mapping.authenticatable?
97
+ assert_not mapping.confirmable?
98
+ assert_not mapping.recoverable?
99
+ assert_not mapping.rememberable?
100
+ end
101
+ end
@@ -0,0 +1,118 @@
1
+ require 'test/test_helper'
2
+ require 'digest/sha1'
3
+
4
+ class AuthenticatableTest < ActiveSupport::TestCase
5
+
6
+ def encrypt_password(user, pepper=nil, stretches=1)
7
+ user.class_eval { define_method(:stretches) { stretches } } if stretches
8
+ user.password = '123456'
9
+ ::Digest::SHA1.hexdigest("--#{user.password_salt}--#{pepper}--123456--#{pepper}--")
10
+ end
11
+
12
+ test 'should respond to password and password confirmation' do
13
+ user = new_user
14
+ assert user.respond_to?(:password)
15
+ assert user.respond_to?(:password_confirmation)
16
+ end
17
+
18
+ test 'should generate salt while setting password' do
19
+ assert_present new_user.password_salt
20
+ assert_present new_user(:password => nil).password_salt
21
+ assert_present new_user(:password => '').password_salt
22
+ assert_present create_user.password_salt
23
+ end
24
+
25
+ test 'should not change password salt when updating' do
26
+ user = create_user
27
+ salt = user.password_salt
28
+ user.expects(:password_salt=).never
29
+ user.save!
30
+ assert_equal salt, user.password_salt
31
+ end
32
+
33
+ test 'should generate a base64 hash using SecureRandom for password salt' do
34
+ ActiveSupport::SecureRandom.expects(:base64).with(15).returns('friendly_token')
35
+ assert_equal 'friendly_token', new_user.password_salt
36
+ end
37
+
38
+ test 'should never generate the same salt for different users' do
39
+ password_salts = []
40
+ 10.times do
41
+ salt = create_user.password_salt
42
+ assert_not password_salts.include?(salt)
43
+ password_salts << salt
44
+ end
45
+ end
46
+
47
+ test 'should generate encrypted password while setting password' do
48
+ assert_present new_user.encrypted_password
49
+ assert_present new_user(:password => nil).encrypted_password
50
+ assert_present new_user(:password => '').encrypted_password
51
+ assert_present create_user.encrypted_password
52
+ end
53
+
54
+ test 'should encrypt password again if password has changed' do
55
+ user = create_user
56
+ encrypted_password = user.encrypted_password
57
+ user.password = user.password_confirmation = 'new_password'
58
+ user.save!
59
+ assert_not_equal encrypted_password, user.encrypted_password
60
+ end
61
+
62
+ test 'should encrypt password using a sha1 hash' do
63
+ user = new_user
64
+ assert_equal encrypt_password(user), user.encrypted_password
65
+ end
66
+
67
+ test 'should fallback to devise pepper default configuring' do
68
+ begin
69
+ Devise.pepper = ''
70
+ user = new_user
71
+ assert_equal encrypt_password(user), user.encrypted_password
72
+ Devise.pepper = 'new_pepper'
73
+ user = new_user
74
+ assert_equal encrypt_password(user, 'new_pepper'), user.encrypted_password
75
+ Devise.pepper = '123456'
76
+ user = new_user
77
+ assert_equal encrypt_password(user, '123456'), user.encrypted_password
78
+ ensure
79
+ Devise.pepper = nil
80
+ end
81
+ end
82
+
83
+ test 'should fallback to devise stretches default configuring' do
84
+ begin
85
+ default_stretches = Devise.stretches
86
+ Devise.stretches = 1
87
+ user = new_user
88
+ assert_equal encrypt_password(user, nil, nil), user.encrypted_password
89
+ ensure
90
+ Devise.stretches = default_stretches
91
+ end
92
+ end
93
+
94
+ test 'should test for a valid password' do
95
+ user = create_user
96
+ assert user.valid_password?('123456')
97
+ assert_not user.valid_password?('654321')
98
+ end
99
+
100
+ test 'should authenticate a valid user with email and password and return it' do
101
+ user = create_user
102
+ User.any_instance.stubs(:confirmed?).returns(true)
103
+ authenticated_user = User.authenticate(:email => user.email, :password => user.password)
104
+ assert_equal authenticated_user, user
105
+ end
106
+
107
+ test 'should return nil when authenticating an invalid user by email' do
108
+ user = create_user
109
+ authenticated_user = User.authenticate(:email => 'another.email@email.com', :password => user.password)
110
+ assert_nil authenticated_user
111
+ end
112
+
113
+ test 'should return nil when authenticating an invalid user by password' do
114
+ user = create_user
115
+ authenticated_user = User.authenticate(:email => user.email, :password => 'another_password')
116
+ assert_nil authenticated_user
117
+ end
118
+ end