Remove session controller actions other than delete

and do some general cleanup around sessions controllers and the
sign_in_as test helper
This commit is contained in:
Mike Dalessio
2025-07-02 14:33:33 -04:00
parent c8be7418c1
commit fa1c5f7279
9 changed files with 18 additions and 100 deletions
@@ -6,14 +6,16 @@ class Sessions::LaunchpadControllerTest < ActionDispatch::IntegrationTest
assert_response :success
assert_equal cookies[:_fizzy_launchpad_sig], "test-sig"
assert_select "form input#sig" do |node|
assert_equal node.length, 1
assert_equal node.first["value"], "test-sig"
end
end
test "create establishes a session when the sig is valid" do
user = users(:david)
cookies[:_fizzy_launchpad_sig] = user.signal_user.perishable_signature
put session_launchpad_path
put session_launchpad_path(params: { sig: user.signal_user.perishable_signature })
assert_redirected_to root_url
assert parsed_cookies.signed[:session_token]
@@ -21,9 +23,8 @@ class Sessions::LaunchpadControllerTest < ActionDispatch::IntegrationTest
test "returns 401 when the sig is invalid" do
user = users(:david)
cookies[:sig] = "not-valid"
put session_launchpad_path
put session_launchpad_path(params: { sig: "invalid" })
assert_response :unauthorized
end
+1 -29
View File
@@ -1,38 +1,10 @@
require "test_helper"
class SessionsControllerTest < ActionDispatch::IntegrationTest
ALLOWED_BROWSER = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15"
DISALLOWED_BROWSER = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0"
test "new" do
get new_session_path
assert_response :success
end
test "new enforces browser compatibility" do
get new_session_path, env: { "HTTP_USER_AGENT" => DISALLOWED_BROWSER }
assert_select "svg", message: /Your browser is not supported/
get new_session_path, env: { "HTTP_USER_AGENT" => ALLOWED_BROWSER }
assert_select "svg", text: /Your browser is not supported/, count: 0
end
test "create with valid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "secret123456" }
assert_redirected_to root_path
assert cookies[:session_token].present?
end
test "create with invalid credentials" do
post session_path, params: { email_address: "david@37signals.com", password: "wrong" }
assert_redirected_to new_session_path
assert_not cookies[:session_token].present?
end
test "destroy" do
sign_in_as :kevin
delete session_path
assert_redirected_to new_session_path
assert_redirected_to Launchpad.login_url
assert_not cookies[:session_token].present?
end
end