rodauth 1.22.0 → 1.23.0

data/spec/create_account_spec.rb

@@ -1,127 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth create_account feature' do
-  [false, true].each do |ph|
-    it "should support creating accounts #{'with account_password_hash_column' if ph}" do
-      rodauth do
-        enable :login, :create_account
-        account_password_hash_column :ph if ph
-        create_account_autologin? false
-      end
-      roda do |r|
-        r.rodauth
-        r.root{view :content=>""}
-      end
-
-      visit '/create-account'
-      fill_in 'Login', :with=>'foo@example.com'
-      fill_in 'Confirm Login', :with=>'foo@example.com'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.html.must_include("invalid login, already an account with this login")
-      page.find('#error_flash').text.must_equal "There was an error creating your account"
-      page.current_path.must_equal '/create-account'
-
-      fill_in 'Login', :with=>'foobar'
-      fill_in 'Confirm Login', :with=>'foobar'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.html.must_include("invalid login, not a valid email address")
-      page.find('#error_flash').text.must_equal "There was an error creating your account"
-      page.current_path.must_equal '/create-account'
-
-      fill_in 'Login', :with=>'foo@example2.com'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.html.must_include("logins do not match")
-      page.find('#error_flash').text.must_equal "There was an error creating your account"
-      page.current_path.must_equal '/create-account'
-
-      fill_in 'Confirm Login', :with=>'foo@example2.com'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'012345678'
-      click_button 'Create Account'
-      page.html.must_include("passwords do not match")
-      page.find('#error_flash').text.must_equal "There was an error creating your account"
-      page.current_path.must_equal '/create-account'
-
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.find('#notice_flash').text.must_equal "Your account has been created"
-      page.current_path.must_equal '/'
-
-      login(:login=>'foo@example2.com')
-      page.current_path.must_equal '/'
-    end
-  end
-
-  it "should support creating accounts without login/password confirmation" do
-    rodauth do
-      enable :login, :create_account
-      require_login_confirmation? false
-      require_password_confirmation? false
-      create_account_autologin? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    visit '/create-account'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Password', :with=>'0123456789'
-    click_button 'Create Account'
-    page.find('#notice_flash').text.must_equal "Your account has been created"
-  end
-
-  it "should support autologin after account creation" do
-    rodauth do
-      enable :create_account
-    end
-    roda do |r|
-      r.rodauth
-      next unless rodauth.logged_in?
-      r.root{view :content=>"Logged In: #{DB[:accounts].where(:id=>rodauth.session_value).get(:email)}"}
-    end
-
-    visit '/create-account'
-    fill_in 'Login', :with=>'foo2@example.com'
-    fill_in 'Confirm Login', :with=>'foo2@example.com'
-    fill_in 'Password', :with=>'apple2'
-    fill_in 'Confirm Password', :with=>'apple2'
-    click_button 'Create Account'
-    page.html.must_include("Logged In: foo2@example.com")
-  end
-
-  it "should support creating accounts via jwt" do
-    rodauth do
-      enable :login, :create_account
-      after_create_account{json_response[:account_id] = account_id}
-      create_account_autologin? false
-    end
-    roda(:jwt) do |r|
-      r.rodauth
-    end
-
-    res = json_request('/create-account', :login=>'foo@example.com', "login-confirm"=>'foo@example.com', :password=>'0123456789', "password-confirm"=>'0123456789')
-    res.must_equal [422, {'error'=>"There was an error creating your account", "field-error"=>["login", "invalid login, already an account with this login"]}]
-
-    res = json_request('/create-account', :login=>'foobar', "login-confirm"=>'foobar', :password=>'0123456789', "password-confirm"=>'0123456789')
-    res.must_equal [422, {'error'=>"There was an error creating your account", "field-error"=>["login", "invalid login, not a valid email address"]}]
-
-    res = json_request('/create-account', :login=>'foo@example2.com', "login-confirm"=>'foobar', :password=>'0123456789', "password-confirm"=>'0123456789')
-    res.must_equal [422, {'error'=>"There was an error creating your account", "field-error"=>["login", "logins do not match"]}]
-
-    res = json_request('/create-account', :login=>'foo@example2.com', "login-confirm"=>'foo@example2.com', :password=>'012345678', "password-confirm"=>'0123456789')
-    res.must_equal [422, {'error'=>"There was an error creating your account", "field-error"=>["password", "passwords do not match"]}]
-
-    res = json_request('/create-account', :login=>'foo@example2.com', "login-confirm"=>'foo@example2.com', :password=>'0123456789', "password-confirm"=>'0123456789')
-    res.must_equal [200, {'success'=>"Your account has been created", 'account_id'=>DB[:accounts].max(:id)}]
-
-    json_login(:login=>'foo@example2.com')
-  end
-end

data/spec/disallow_common_passwords_spec.rb

@@ -1,93 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth disallow common passwords feature' do
-  it "should check that password used is not one of the most common" do
-    rodauth do
-      enable :login, :change_password, :disallow_common_passwords
-      change_password_requires_password? false
-      password_minimum_length 1
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    login
-    page.current_path.must_equal '/'
-
-    visit '/change-password'
-
-    bad_password_file = File.join(File.dirname(File.dirname(File.expand_path(__FILE__))), 'dict', 'top-10_000-passwords.txt')
-    (File.read(bad_password_file).split.shuffle - ['0123456789']).take(5).each do |pass|
-      fill_in 'New Password', :with=>pass
-      fill_in 'Confirm Password', :with=>pass
-      click_button 'Change Password'
-      page.html.must_include("invalid password, does not meet requirements (is one of the most common passwords)")
-      page.find('#error_flash').text.must_equal "There was an error changing your password"
-    end
-
-    fill_in 'New Password', :with=>'footpassword'
-    fill_in 'Confirm Password', :with=>'footpassword'
-    click_button 'Change Password'
-    page.find('#notice_flash').text.must_equal "Your password has been changed"
-  end
-
-  it "should check that password used is not one of the most common with custom password set" do
-    rodauth do
-      enable :login, :change_password, :disallow_common_passwords
-      change_password_requires_password? false
-      most_common_passwords ['foobarbaz']
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    login
-    page.current_path.must_equal '/'
-
-    visit '/change-password'
-
-    fill_in 'New Password', :with=>'foobarbaz'
-    fill_in 'Confirm Password', :with=>'foobarbaz'
-    click_button 'Change Password'
-    page.html.must_include("invalid password, does not meet requirements (is one of the most common passwords)")
-    page.find('#error_flash').text.must_equal "There was an error changing your password"
-
-    fill_in 'New Password', :with=>'footpassword'
-    fill_in 'Confirm Password', :with=>'footpassword'
-    click_button 'Change Password'
-    page.find('#notice_flash').text.must_equal "Your password has been changed"
-  end
-
-  it "should check that password used is not one of the most common with custom check" do
-    rodauth do
-      enable :login, :change_password, :disallow_common_passwords
-      change_password_requires_password? false
-      most_common_passwords_file nil
-      password_one_of_most_common? do |password|
-        password == 'foobarbaz'
-      end
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    login
-    page.current_path.must_equal '/'
-
-    visit '/change-password'
-
-    fill_in 'New Password', :with=>'foobarbaz'
-    fill_in 'Confirm Password', :with=>'foobarbaz'
-    click_button 'Change Password'
-    page.html.must_include("invalid password, does not meet requirements (is one of the most common passwords)")
-    page.find('#error_flash').text.must_equal "There was an error changing your password"
-
-    fill_in 'New Password', :with=>'footpassword'
-    fill_in 'Confirm Password', :with=>'footpassword'
-    click_button 'Change Password'
-    page.find('#notice_flash').text.must_equal "Your password has been changed"
-  end
-end

data/spec/disallow_password_reuse_spec.rb

@@ -1,179 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth disallow_password_reuse feature' do
-  it "should disallow reuse of passwords" do
-    table = :account_previous_password_hashes
-    rodauth do
-      enable :login, :change_password, :disallow_password_reuse, :close_account
-      if ENV['RODAUTH_SEPARATE_SCHEMA']
-        table = Sequel[:rodauth_test_password][:account_previous_password_hashes]
-        previous_password_hash_table table
-      end
-      change_password_requires_password? false
-      close_account_requires_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    login
-    page.current_path.must_equal '/'
-
-    8.times do |i|
-      visit '/change-password'
-      fill_in 'New Password', :with=>"password#{i}"
-      fill_in 'Confirm Password', :with=>"password#{i}"
-      click_button 'Change Password'
-      page.find('#notice_flash').text.must_equal "Your password has been changed"
-    end
-
-    visit '/change-password'
-
-    (1..6).each do |i|
-      fill_in 'New Password', :with=>"password#{i}"
-      fill_in 'Confirm Password', :with=>"password#{i}"
-      click_button 'Change Password'
-      page.html.must_include("invalid password, does not meet requirements (same as previous password)")
-      page.find('#error_flash').text.must_equal "There was an error changing your password"
-    end
-
-    fill_in 'New Password', :with=>"password7"
-    fill_in 'Confirm Password', :with=>"password7"
-    click_button 'Change Password'
-    page.html.must_include("invalid password, same as current password")
-
-    fill_in 'New Password', :with=>'password0'
-    fill_in 'Confirm Password', :with=>'password0'
-    click_button 'Change Password'
-    page.find('#notice_flash').text.must_equal "Your password has been changed"
-
-    DB[table].get{count(:id)}.must_equal 7
-    visit '/close-account'
-    click_button 'Close Account'
-    DB[table].get{count(:id)}.must_equal 0
-  end
-
-  [true, false].each do |ph|
-    it "should handle create account when account_password_hash_column is #{ph}" do
-      rodauth do
-        enable :login, :create_account, :change_password, :disallow_password_reuse
-        if ENV['RODAUTH_SEPARATE_SCHEMA']
-          previous_password_hash_table Sequel[:rodauth_test_password][:account_previous_password_hashes]
-        end
-        account_password_hash_column :ph if ph
-        change_password_requires_password? false
-      end
-      roda do |r|
-        r.rodauth
-        r.root{view :content=>""}
-      end
-
-      visit '/create-account'
-      fill_in 'Login', :with=>'bar@example.com'
-      fill_in 'Confirm Login', :with=>'bar@example.com'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.current_path.must_equal '/'
-      page.find('#notice_flash').text.must_equal "Your account has been created"
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"012345678"
-      fill_in 'Confirm Password', :with=>"012345678"
-      click_button 'Change Password'
-      page.find('#notice_flash').text.must_equal "Your password has been changed"
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"0123456789"
-      fill_in 'Confirm Password', :with=>"0123456789"
-      click_button 'Change Password'
-      page.html.must_include("invalid password, does not meet requirements (same as previous password)")
-    end
-
-    it "should handle verify account when account_password_hash_column is #{ph}" do
-      rodauth do
-        enable :login, :verify_account, :change_password, :disallow_password_reuse
-        if ENV['RODAUTH_SEPARATE_SCHEMA']
-          previous_password_hash_table Sequel[:rodauth_test_password][:account_previous_password_hashes]
-        end
-        account_password_hash_column :ph if ph
-        change_password_requires_password? false
-      end
-      roda do |r|
-        r.rodauth
-        r.root{view :content=>""}
-      end
-
-      visit '/create-account'
-      fill_in 'Login', :with=>'bar@example.com'
-      fill_in 'Confirm Login', :with=>'bar@example.com'
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Create Account'
-      page.current_path.must_equal '/'
-      page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to verify your account"
-      link = email_link(/(\/verify-account\?key=.+)$/, 'bar@example.com')
-
-      visit link
-      click_button 'Verify Account'
-      page.find('#notice_flash').text.must_equal "Your account has been verified"
-      page.current_path.must_equal '/'
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"012345678"
-      fill_in 'Confirm Password', :with=>"012345678"
-      click_button 'Change Password'
-      page.find('#notice_flash').text.must_equal "Your password has been changed"
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"0123456789"
-      fill_in 'Confirm Password', :with=>"0123456789"
-      click_button 'Change Password'
-      page.html.must_include("invalid password, does not meet requirements (same as previous password)")
-    end
-
-    it "should handle verify account when account_password_hash_column is #{ph} and verify_account_set_password? is true" do
-      rodauth do
-        enable :login, :verify_account, :change_password, :disallow_password_reuse
-        if ENV['RODAUTH_SEPARATE_SCHEMA']
-          previous_password_hash_table Sequel[:rodauth_test_password][:account_previous_password_hashes]
-        end
-        account_password_hash_column :ph if ph
-        change_password_requires_password? false
-        verify_account_set_password? true
-      end
-      roda do |r|
-        r.rodauth
-        r.root{view :content=>""}
-      end
-
-      visit '/create-account'
-      fill_in 'Login', :with=>'bar@example.com'
-      fill_in 'Confirm Login', :with=>'bar@example.com'
-      click_button 'Create Account'
-      page.current_path.must_equal '/'
-      page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to verify your account"
-      link = email_link(/(\/verify-account\?key=.+)$/, 'bar@example.com')
-
-      visit link
-      fill_in 'Password', :with=>'0123456789'
-      fill_in 'Confirm Password', :with=>'0123456789'
-      click_button 'Verify Account'
-      page.find('#notice_flash').text.must_equal "Your account has been verified"
-      page.current_path.must_equal '/'
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"012345678"
-      fill_in 'Confirm Password', :with=>"012345678"
-      click_button 'Change Password'
-      page.find('#notice_flash').text.must_equal "Your password has been changed"
-
-      visit '/change-password'
-      fill_in 'New Password', :with=>"0123456789"
-      fill_in 'Confirm Password', :with=>"0123456789"
-      click_button 'Change Password'
-      page.html.must_include("invalid password, does not meet requirements (same as previous password)")
-    end
-  end
-end

data/spec/email_auth_spec.rb

@@ -1,285 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth email auth feature' do
-  it "should support logging in use link sent via email, without a password for the account" do
-    rodauth do
-      enable :login, :email_auth, :logout
-      account_password_hash_column :ph
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    DB[:accounts].update(:ph=>nil).must_equal 1
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo2@example.com'
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal 'There was an error logging in'
-    page.html.must_include("no matching login")
-
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to login to your account"
-    page.current_path.must_equal '/'
-    link = email_link(/(\/email-auth\?key=.+)$/)
-
-    visit link[0...-1]
-    page.find('#error_flash').text.must_equal "There was an error logging you in: invalid email authentication key"
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "An email has recently been sent to you with a link to login"
-    Mail::TestMailer.deliveries.must_equal []
-
-    DB[:account_email_auth_keys].update(:email_last_sent => Time.now - 250).must_equal 1
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "An email has recently been sent to you with a link to login"
-    Mail::TestMailer.deliveries.must_equal []
-
-    DB[:account_email_auth_keys].update(:email_last_sent => Time.now - 350).must_equal 1
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    email_link(/(\/email-auth\?key=.+)$/).must_equal link
-
-    visit link
-    page.title.must_equal 'Login'
-    click_button 'Login'
-    page.find('#notice_flash').text.must_equal 'You have been logged in'
-    page.current_path.must_equal '/'
-
-    logout
-
-    visit link
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-
-    link2 = email_link(/(\/email-auth\?key=.+)$/)
-    link2.wont_equal link
-
-    visit link2
-    DB[:account_email_auth_keys].update(:deadline => Time.now - 60).must_equal 1
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "There was an error logging you in"
-    page.current_path.must_equal '/'
-    DB[:account_email_auth_keys].count.must_equal 0
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-
-    visit email_link(/(\/email-auth\?key=.+)$/)
-    DB[:account_email_auth_keys].update(:key=>'1').must_equal 1
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "There was an error logging you in"
-    page.current_path.must_equal '/'
-  end
-
-  it "should support logging in use link sent via email, with a password for the account" do
-    rodauth do
-      enable :login, :email_auth, :logout
-      email_auth_email_last_sent_column nil
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo2@example.com'
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal 'There was an error logging in'
-    page.html.must_include("no matching login")
-
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-    page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to login to your account"
-    page.current_path.must_equal '/'
-    link = email_link(/(\/email-auth\?key=.+)$/)
-
-    visit link[0...-1]
-    page.find('#error_flash').text.must_equal "There was an error logging you in: invalid email authentication key"
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-    email_link(/(\/email-auth\?key=.+)$/).must_equal link
-
-    visit link
-    page.title.must_equal 'Login'
-    click_button 'Login'
-    page.find('#notice_flash').text.must_equal 'You have been logged in'
-    page.current_path.must_equal '/'
-
-    logout
-
-    visit link
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-
-    link2 = email_link(/(\/email-auth\?key=.+)$/)
-    link2.wont_equal link
-
-    visit link2
-    DB[:account_email_auth_keys].update(:deadline => Time.now - 60).must_equal 1
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "There was an error logging you in"
-    page.current_path.must_equal '/'
-    DB[:account_email_auth_keys].count.must_equal 0
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-
-    visit email_link(/(\/email-auth\?key=.+)$/)
-    DB[:account_email_auth_keys].update(:key=>'1').must_equal 1
-    click_button 'Login'
-    page.find('#error_flash').text.must_equal "There was an error logging you in"
-    page.current_path.must_equal '/'
-  end
-
-  it "should allow password login for accounts with password hashes" do
-    rodauth do
-      enable :login, :email_auth
-    end
-    roda do |r|
-      r.rodauth
-      next unless rodauth.logged_in?
-      r.root{view :content=>"Logged In"}
-    end
-
-    visit '/login'
-    page.title.must_equal 'Login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    page.html.must_include 'Send Login Link Via Email'
-    fill_in 'Password', :with=>'0123456789'
-    click_button 'Login'
-    page.current_path.must_equal '/'
-    page.find('#notice_flash').text.must_equal 'You have been logged in'
-  end
-
-  it "should work with creating accounts without setting passwords" do
-    rodauth do
-      enable :login, :create_account, :email_auth
-      require_login_confirmation? false
-      create_account_autologin? false
-      create_account_set_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    visit '/create-account'
-    fill_in 'Login', :with=>'foo@example2.com'
-    click_button 'Create Account'
-    page.find('#notice_flash').text.must_equal "Your account has been created"
-
-    visit '/login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    click_button 'Login'
-    page.current_path.must_equal '/'
-    visit email_link(/(\/email-auth\?key=.+)$/, 'foo@example2.com')
-    page.title.must_equal 'Login'
-    click_button 'Login'
-    page.find('#notice_flash').text.must_equal 'You have been logged in'
-    page.current_path.must_equal '/'
-  end
-
-  it "should clear email auth token when closing account" do
-    rodauth do
-      enable :login, :email_auth, :close_account
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    visit '/login'
-    page.title.must_equal 'Login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-
-    hash = DB[:account_email_auth_keys].first
-
-    visit email_link(/(\/email-auth\?key=.+)$/)
-    click_button 'Login'
-
-    DB[:account_email_auth_keys].count.must_equal 0
-    DB[:account_email_auth_keys].insert(hash)
-
-    visit '/close-account'
-    fill_in 'Password', :with=>'0123456789'
-    click_button 'Close Account'
-    DB[:account_email_auth_keys].count.must_equal 0
-  end
-
-  it "should handle uniqueness errors raised when inserting email auth token" do
-    rodauth do
-      enable :login, :email_auth
-    end
-    roda do |r|
-      def rodauth.raised_uniqueness_violation(*) super; true; end
-      r.rodauth
-      r.root{view :content=>""}
-    end
-
-    visit '/login'
-    page.title.must_equal 'Login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-    link = email_link(/(\/email-auth\?key=.+)$/)
-
-    DB[:account_email_auth_keys].update(:email_last_sent => Time.now - 350).must_equal 1
-    visit '/login'
-    page.title.must_equal 'Login'
-    fill_in 'Login', :with=>'foo@example.com'
-    click_button 'Login'
-    click_button 'Send Login Link Via Email'
-    email_link(/(\/email-auth\?key=.+)$/).must_equal link
-  end
-
-  it "should support email auth for accounts via jwt" do
-    rodauth do
-      enable :login, :email_auth
-      email_auth_email_body{email_auth_email_link}
-    end
-    roda(:jwt) do |r|
-      r.rodauth
-    end
-
-    res = json_request('/email-auth-request')
-    res.must_equal [401, {"error"=>"There was an error requesting an email link to authenticate"}]
-
-    res = json_request('/email-auth-request', :login=>'foo@example2.com')
-    res.must_equal [401, {"error"=>"There was an error requesting an email link to authenticate"}]
-
-    res = json_request('/email-auth-request', :login=>'foo@example.com')
-    res.must_equal [200, {"success"=>"An email has been sent to you with a link to login to your account"}]
-
-    link = email_link(/key=.+$/)
-    res = json_request('/email-auth')
-    res.must_equal [401, {"error"=>"There was an error logging you in"}]
-
-    res = json_request('/email-auth', :key=>link[4...-1])
-    res.must_equal [401, {"error"=>"There was an error logging you in"}]
-
-    res = json_request('/email-auth', :key=>link[4..-1])
-    res.must_equal [200, {"success"=>"You have been logged in"}]
-  end
-end
-