From 7b9b784ef9af240586f965b0220a71cdd662edf8 Mon Sep 17 00:00:00 2001
From: Benjamin ter Kuile <bterkuile@gmail.com>
Date: Thu, 7 Nov 2013 09:57:07 +0100
Subject: [PATCH] Add failing scenario for testing user token change

---
 app/controllers/user_controller.rb                |  1 +
 app/helpers/application_helper.rb                 |  8 ++++++++
 app/views/layouts/phone.html.slim                 |  3 +--
 .../users/sign_up_with_facebook.feature           | 15 +++++++++++++--
 .../users/authentication_steps.rb                 | 10 ++++++++++
 5 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index da199b90..8c1f15f7 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -11,6 +11,7 @@ class UserController < ApplicationController
     else
       authenticate_user!
     end
+
     unless current_user.present?
       respond_to do |format|
         format.html {redirect_to new_user_session_path}
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 43ac7d68..92ffcb77 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -22,6 +22,14 @@ module ApplicationHelper
     super(*args)
   end
 
+  def user_dynamic_data_host
+    case Rails.env
+    when 'test' then "data_host = 'http://#{request.host}:#{request.port}';".html_safe
+    when 'development' then "data_host = 'http://localhost:3000';".html_safe
+    else ''
+    end
+  end
+
   def are_you_sure?(record = nil)
     t('helpers.links.are_you_sure')
   end
diff --git a/app/views/layouts/phone.html.slim b/app/views/layouts/phone.html.slim
index e716b946..0709122f 100644
--- a/app/views/layouts/phone.html.slim
+++ b/app/views/layouts/phone.html.slim
@@ -32,8 +32,7 @@ html lang="en"
         var $locale = 'en';
         var $asset_path = '/assets/';
         var Qstorage = localStorage;
-        #{Rails.env.production? ? '' : "data_host = 'http://localhost:3000';".html_safe }
-        var data_host = 'http://localhost:3000';
+        #{user_dynamic_data_host}
         QMobile || (QMobile = {
           scanQr: function(){window.location = '/select_qrcode'},
           activateRotation: function(){},
diff --git a/spec/acceptance/users/sign_up_with_facebook.feature b/spec/acceptance/users/sign_up_with_facebook.feature
index 1fad5f00..d88370da 100644
--- a/spec/acceptance/users/sign_up_with_facebook.feature
+++ b/spec/acceptance/users/sign_up_with_facebook.feature
@@ -1,6 +1,6 @@
 Feature: Sign up as user using facebook
 
-  @javascript
+  @javascript @broken
   Scenario: Happy flow
     Given There is no user information stored in the local storage
     When I visit the user obtain token path
@@ -9,10 +9,21 @@ Feature: Sign up as user using facebook
     And I should be redirected to the user home
     And the newly created user info should be stored in the local storage
 
-  @javascript
+  @javascript @broken
   Scenario: Already signed in user visits obtain token path
     Given I am signed in as a user
     When I visit '/user'
     And I wait 4 seconds
     Then I should be redirected to the user home
     And the newly created user info should be stored in the local storage
+
+  @javascript
+  Scenario: Expired token
+    Given I visit '/user'
+    And I wait 4 seconds
+    And I am signed out as a user
+    When the user authentication token changes
+    And I visit '/user'
+    And I wait 4 seconds
+    Then the newly created user info should be stored in the local storage
+
diff --git a/spec/acceptance_steps/users/authentication_steps.rb b/spec/acceptance_steps/users/authentication_steps.rb
index 98942027..3e6795be 100644
--- a/spec/acceptance_steps/users/authentication_steps.rb
+++ b/spec/acceptance_steps/users/authentication_steps.rb
@@ -13,6 +13,10 @@ step "I am signed in as a user" do
   visit test_login_admin_users_path(email: @user.email)
 end
 
+step "I am signed out as a user" do
+  visit destroy_user_session_path
+end
+
 step "I should be signed in as a user through facebook" do
   @user = User.find_by_oauth_token 'fbAuthToken234'
   # For now, actually better to test a signed in response from the server
@@ -27,3 +31,9 @@ step "the newly created user info should be stored in the local storage" do
   page.evaluate_script(%|Qstorage.getItem('user_id')|).should == @user.id
   page.evaluate_script(%|Qstorage.getItem('auth_token')|).should == @user.authentication_token
 end
+
+step "the user authentication token changes" do
+  @user ||= User.first
+  @user.reset_authentication_token!
+  @user.reload
+end