Fix due to unit test when creating with invalid emails

This commit is contained in:
Fernando Olivares
2025-12-12 13:39:39 -06:00
committed by Stanko K.R.
parent fb487f598c
commit cddddcf83a
3 changed files with 18 additions and 8 deletions
+15 -4
View File
@@ -9,20 +9,31 @@ class SessionsController < ApplicationController
end
def create
magic_link = magic_link_from_sign_in_or_sign_up
if identity = Identity.find_by_email_address(email_address)
magic_link = identity.send_magic_link
else
signup = Signup.new(email_address: email_address)
if signup.valid?(:identity_creation)
magic_link = signup.create_identity if Account.accepting_signups?
else
head :unprocessable_entity
return
end
end
serve_development_magic_link magic_link
respond_to do |format|
format.html do
if magic_link.present?
redirect_to_session_magic_link magic_link
redirect_to_session_magic_link magic_link
else
redirect_to session_magic_link_path
end
end
format.json do
render json: { pending_authentication_token: pending_authentication_token_for(email_address) }, status: :created
format.json do
render json: { pending_authentication_token: pending_authentication_token_for(email_address) }, status: :created
end
end
end
+2 -3
View File
@@ -102,13 +102,12 @@ class MagicLinkApiTest < ActionDispatch::IntegrationTest
end
end
test "create session with invalid email via JSON still returns token to prevent enumeration" do
test "create session with invalid email via JSON" do
untenanted do
assert_no_difference -> { Identity.count } do
post session_path(format: :json), params: { email_address: "not-a-valid-email" }
end
assert_response :created
assert @response.parsed_body["pending_authentication_token"].present?
assert_response :unprocessable_entity
end
end
+1 -1
View File
@@ -70,7 +70,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
post session_path, params: { email_address: "not-a-valid-email" }
end
assert_redirected_to session_magic_link_path
assert_response :unprocessable_entity
end
end
end