cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use rails tokens for signup confirmations

Browse source
This commit is contained in:
Tom Hughes 2023-12-07 18:49:49 +00:00
parent ad2739347b
commit 4dff06a629
11 changed files with 87 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

38
test/controllers/confirmations_controller_test.rb
View file

@ -39,7 +39,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
user = build(:user, :pending)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
get user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
assert_response :success
@ -51,7 +51,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
# Get the confirmation page
get user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
@ -73,7 +73,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post logout_path
@ -87,7 +87,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
assert_redirected_to welcome_path
@ -98,7 +98,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post logout_path
session_for(create(:user))
@ -113,11 +113,11 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create(:referer => new_diary_entry_path).token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post logout_path
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string, :referer => new_diary_entry_path }
assert_redirected_to login_path(:referer => new_diary_entry_path)
assert_match(/Confirmed your account/, flash[:notice])
end
@ -127,9 +127,9 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create(:referer => new_diary_entry_path).token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string, :referer => new_diary_entry_path }
assert_redirected_to new_diary_entry_path
end
@ -138,12 +138,12 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create(:referer => new_diary_entry_path).token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post logout_path
session_for(create(:user))
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string, :referer => new_diary_entry_path }
assert_redirected_to login_path(:referer => new_diary_entry_path)
assert_match(/Confirmed your account/, flash[:notice])
end
@ -153,9 +153,11 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create(:expiry => 1.day.ago).token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
travel 2.weeks do
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
end
assert_redirected_to :action => "confirm"
assert_match(/confirmation code has expired/, flash[:error])
end
@ -165,15 +167,15 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create(:referer => new_diary_entry_path).token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string, :referer => new_diary_entry_path }
assert_redirected_to new_diary_entry_path
post logout_path
confirm_string = User.find_by(:email => user.email).tokens.create(:referer => new_diary_entry_path).token
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string }
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
post user_confirm_path, :params => { :display_name => user.display_name, :confirm_string => confirm_string, :referer => new_diary_entry_path }
assert_redirected_to login_path
assert_match(/already been confirmed/, flash[:error])
end
@ -183,7 +185,7 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
stub_gravatar_request(user.email)
post user_new_path, :params => { :user => user.attributes }
post user_save_path, :params => { :read_ct => 1, :read_tou => 1 }
confirm_string = User.find_by(:email => user.email).tokens.create.token
confirm_string = User.find_by(:email => user.email).generate_token_for(:new_user)
User.find_by(:display_name => user.display_name).hide!