cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor login/logout into sessions controller

Browse source 
Certain controller methods are shared with oauth-based logins, and these have been
moved to a concern.
This commit is contained in:
Andy Allan 2021-03-10 14:15:14 +00:00
parent 3512d6303c
commit f18baae22e
16 changed files with 285 additions and 250 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.rubocop_todo.yml
View file

@ -155,6 +155,7 @@ Rails/NotNullColumn:
# Offense count: 8
Rails/OutputSafety:
Exclude:
- 'app/controllers/sessions_controller.rb'
- 'app/controllers/users_controller.rb'
- 'app/helpers/application_helper.rb'
- 'lib/rich_text.rb'

3
app/abilities/ability.rb
View file

@ -19,8 +19,9 @@ class Ability
can [:index, :rss, :show, :comments], DiaryEntry
can [:index], Note
can [:index, :show], Redaction
can [:new, :create, :destroy], :session
can [:index, :show, :data, :georss, :picture, :icon], Trace
can [:terms, :login, :logout, :new, :create, :save, :confirm, :confirm_resend, :confirm_email, :lost_password, :reset_password, :show, :auth_success, :auth_failure], User
can [:terms, :new, :create, :save, :confirm, :confirm_resend, :confirm_email, :lost_password, :reset_password, :show, :auth_success, :auth_failure], User
can [:index, :show, :blocks_on, :blocks_by], UserBlock
can [:index, :show], Node
can [:index, :show, :full, :ways_for_node], Way

98
app/controllers/concerns/session_methods.rb Normal file
View file

@ -0,0 +1,98 @@
module SessionMethods
extend ActiveSupport::Concern
private
##
# return the URL to use for authentication
def auth_url(provider, uid, referer = nil)
params = { :provider => provider }
params[:openid_url] = openid_expand_url(uid) if provider == "openid"
if referer.nil?
params[:origin] = request.path
else
params[:origin] = "#{request.path}?referer=#{CGI.escape(referer)}"
params[:referer] = referer
end
auth_path(params)
end
##
# special case some common OpenID providers by applying heuristics to
# try and come up with the correct URL based on what the user entered
def openid_expand_url(openid_url)
if openid_url.nil?
nil
elsif openid_url.match(%r{(.*)gmail.com(/?)$}) || openid_url.match(%r{(.*)googlemail.com(/?)$})
# Special case gmail.com as it is potentially a popular OpenID
# provider and, unlike yahoo.com, where it works automatically, Google
# have hidden their OpenID endpoint somewhere obscure this making it
# somewhat less user friendly.
"https://www.google.com/accounts/o8/id"
else
openid_url
end
end
##
# process a successful login
def successful_login(user, referer = nil)
session[:user] = user.id
session[:fingerprint] = user.fingerprint
session_expires_after 28.days if session[:remember_me]
target = referer || session[:referer] || url_for(:controller => :site, :action => :index)
# The user is logged in, so decide where to send them:
#
# - If they haven't seen the contributor terms, send them there.
# - If they have a block on them, show them that.
# - If they were referred to the login, send them back there.
# - Otherwise, send them to the home page.
if !user.terms_seen
redirect_to :controller => :users, :action => :terms, :referer => target
elsif user.blocked_on_view
redirect_to user.blocked_on_view, :referer => target
else
redirect_to target
end
session.delete(:remember_me)
session.delete(:referer)
end
##
# process a failed login
def failed_login(message, username = nil)
flash[:error] = message
redirect_to :action => "new", :referer => session[:referer],
:username => username, :remember_me => session[:remember_me]
session.delete(:remember_me)
session.delete(:referer)
end
##
#
def unconfirmed_login(user)
session[:token] = user.tokens.create.token
redirect_to :controller => "users", :action => "confirm", :display_name => user.display_name
session.delete(:remember_me)
session.delete(:referer)
end
##
#
def disable_terms_redirect
# this is necessary otherwise going to the user terms page, when
# having not agreed already would cause an infinite redirect loop.
# it's .now so that this doesn't propagate to other pages.
flash.now[:skip_terms] = true
end
end

59
app/controllers/sessions_controller.rb Normal file
View file

@ -0,0 +1,59 @@
class SessionsController < ApplicationController
include SessionMethods
layout "site"
before_action :disable_terms_redirect, :only => [:destroy]
before_action :require_cookies, :only => [:new]
authorize_resource :class => false
def new
append_content_security_policy_directives(
:form_action => %w[*]
)
session[:referer] = safe_referer(params[:referer]) if params[:referer]
end
def create
session[:remember_me] ||= params[:remember_me]
session[:referer] = safe_referer(params[:referer]) if params[:referer]
password_authentication(params[:username], params[:password])
end
def destroy
@title = t "sessions.destroy.title"
if request.post?
if session[:token]
token = UserToken.find_by(:token => session[:token])
token&.destroy
session.delete(:token)
end
session.delete(:user)
session_expires_automatically
if params[:referer]
redirect_to safe_referer(params[:referer])
else
redirect_to :controller => "site", :action => "index"
end
end
end
private
##
# handle password authentication
def password_authentication(username, password)
if (user = User.authenticate(:username => username, :password => password))
successful_login(user)
elsif (user = User.authenticate(:username => username, :password => password, :pending => true))
unconfirmed_login(user)
elsif User.authenticate(:username => username, :password => password, :suspended => true)
failed_login t("sessions.new.account is suspended", :webmaster => "mailto:#{Settings.support_email}").html_safe, username
else
failed_login t("sessions.new.auth failure"), username
end
end
end

134
app/controllers/users_controller.rb
View file

@ -1,8 +1,10 @@
class UsersController < ApplicationController
include SessionMethods
layout "site"
skip_before_action :verify_authenticity_token, :only => [:auth_success]
before_action :disable_terms_redirect, :only => [:terms, :save, :logout]
before_action :disable_terms_redirect, :only => [:terms, :save]
before_action :authorize_web
before_action :set_locale
before_action :check_database_readable
@ -11,7 +13,7 @@ class UsersController < ApplicationController
before_action :require_self, :only => [:account]
before_action :check_database_writable, :only => [:new, :account, :confirm, :confirm_email, :lost_password, :reset_password, :go_public]
before_action :require_cookies, :only => [:new, :login, :confirm]
before_action :require_cookies, :only => [:new, :confirm]
before_action :lookup_user_by_name, :only => [:set_status, :destroy]
before_action :allow_thirdparty_images, :only => [:show, :account]
@ -269,38 +271,6 @@ class UsersController < ApplicationController
end
end
def login
append_content_security_policy_directives(
:form_action => %w[*]
)
session[:referer] = safe_referer(params[:referer]) if params[:referer]
if request.post?
session[:remember_me] ||= params[:remember_me]
password_authentication(params[:username], params[:password])
end
end
def logout
@title = t "users.logout.title"
if request.post?
if session[:token]
token = UserToken.find_by(:token => session[:token])
token&.destroy
session.delete(:token)
end
session.delete(:user)
session_expires_automatically
if params[:referer]
redirect_to safe_referer(params[:referer])
else
redirect_to :controller => "site", :action => "index"
end
end
end
def confirm
if request.post?
token = UserToken.find_by(:token => params[:confirm_string])
@ -514,93 +484,6 @@ class UsersController < ApplicationController
private
##
# handle password authentication
def password_authentication(username, password)
if user = User.authenticate(:username => username, :password => password)
successful_login(user)
elsif user = User.authenticate(:username => username, :password => password, :pending => true)
unconfirmed_login(user)
elsif User.authenticate(:username => username, :password => password, :suspended => true)
failed_login t("users.login.account is suspended", :webmaster => "mailto:#{Settings.support_email}").html_safe, username
else
failed_login t("users.login.auth failure"), username
end
end
##
# return the URL to use for authentication
def auth_url(provider, uid, referer = nil)
params = { :provider => provider }
params[:openid_url] = openid_expand_url(uid) if provider == "openid"
if referer.nil?
params[:origin] = request.path
else
params[:origin] = "#{request.path}?referer=#{CGI.escape(referer)}"
params[:referer] = referer
end
auth_path(params)
end
##
# special case some common OpenID providers by applying heuristics to
# try and come up with the correct URL based on what the user entered
def openid_expand_url(openid_url)
if openid_url.nil?
nil
elsif openid_url.match(%r{(.*)gmail.com(/?)$}) || openid_url.match(%r{(.*)googlemail.com(/?)$})
# Special case gmail.com as it is potentially a popular OpenID
# provider and, unlike yahoo.com, where it works automatically, Google
# have hidden their OpenID endpoint somewhere obscure this making it
# somewhat less user friendly.
"https://www.google.com/accounts/o8/id"
else
openid_url
end
end
##
# process a successful login
def successful_login(user, referer = nil)
session[:user] = user.id
session[:fingerprint] = user.fingerprint
session_expires_after 28.days if session[:remember_me]
target = referer || session[:referer] || url_for(:controller => :site, :action => :index)
# The user is logged in, so decide where to send them:
#
# - If they haven't seen the contributor terms, send them there.
# - If they have a block on them, show them that.
# - If they were referred to the login, send them back there.
# - Otherwise, send them to the home page.
if !user.terms_seen
redirect_to :action => :terms, :referer => target
elsif user.blocked_on_view
redirect_to user.blocked_on_view, :referer => target
else
redirect_to target
end
session.delete(:remember_me)
session.delete(:referer)
end
##
# process a failed login
def failed_login(message, username = nil)
flash[:error] = message
redirect_to :action => "login", :referer => session[:referer],
:username => username, :remember_me => session[:remember_me]
session.delete(:remember_me)
session.delete(:referer)
end
##
#
def unconfirmed_login(user)
@ -698,15 +581,6 @@ class UsersController < ApplicationController
redirect_to :action => "view", :display_name => params[:display_name] unless @user
end
##
#
def disable_terms_redirect
# this is necessary otherwise going to the user terms page, when
# having not agreed already would cause an infinite redirect loop.
# it's .now so that this doesn't propagate to other pages.
flash.now[:skip_terms] = true
end
##
# return permitted user parameters
def user_params

6
app/helpers/user_helper.rb
View file

@ -53,16 +53,16 @@ module UserHelper
# External authentication support
def openid_logo
image_tag "openid_small.png", :alt => t("users.login.openid_logo_alt"), :class => "openid_logo"
image_tag "openid_small.png", :alt => t("sessions.new.openid_logo_alt"), :class => "openid_logo"
end
def auth_button(name, provider, options = {})
link_to(
image_tag("#{name}.svg", :alt => t("users.login.auth_providers.#{name}.alt"), :class => "rounded-lg"),
image_tag("#{name}.svg", :alt => t("sessions.new.auth_providers.#{name}.alt"), :class => "rounded-lg"),
auth_path(options.merge(:provider => provider)),
:method => :post,
:class => "auth_button",
:title => t("users.login.auth_providers.#{name}.title")
:title => t("sessions.new.auth_providers.#{name}.title")
)
end

0
app/views/users/logout.html.erb → app/views/sessions/destroy.html.erb
View file

0
app/views/users/login.html.erb → app/views/sessions/new.html.erb
View file

105
config/locales/en.yml
View file

@ -1586,6 +1586,59 @@ en:
as_unread: "Message marked as unread"
destroy:
destroyed: "Message deleted"
sessions:
new:
title: "Login"
heading: "Login"
email or username: "Email Address or Username:"
password: "Password:"
openid_html: "%{logo} OpenID:"
remember: "Remember me"
lost password link: "Lost your password?"
login_button: "Login"
register now: Register now
with username: "Already have an OpenStreetMap account? Please login with your username and password:"
with external: "Alternatively, use a third party to login:"
new to osm: New to OpenStreetMap?
to make changes: To make changes to the OpenStreetMap data, you must have an account.
create account minute: Create an account. It only takes a minute.
no account: Don't have an account?
account not active: "Sorry, your account is not active yet.<br />Please use the link in the account confirmation email to activate your account, or <a href=\"%{reconfirm}\">request a new confirmation email</a>."
account is suspended: Sorry, your account has been suspended due to suspicious activity.<br />Please contact the <a href="%{webmaster}">webmaster</a> if you wish to discuss this.
auth failure: "Sorry, could not log in with those details."
openid_logo_alt: "Log in with an OpenID"
auth_providers:
openid:
title: Login with OpenID
alt: Login with an OpenID URL
google:
title: Login with Google
alt: Login with a Google OpenID
facebook:
title: Login with Facebook
alt: Login with a Facebook Account
windowslive:
title: Login with Windows Live
alt: Login with a Windows Live Account
github:
title: Login with GitHub
alt: Login with a GitHub Account
wikipedia:
title: Login with Wikipedia
alt: Login with a Wikipedia Account
yahoo:
title: Login with Yahoo
alt: Login with a Yahoo OpenID
wordpress:
title: Login with Wordpress
alt: Login with a Wordpress OpenID
aol:
title: Login with AOL
alt: Login with an AOL OpenID
destroy:
title: "Logout"
heading: "Logout from OpenStreetMap"
logout_button: "Logout"
shared:
markdown_help:
title_html: Parsed with <a href="https://kramdown.gettalong.org/quickref.html">kramdown</a>
@ -2221,58 +2274,6 @@ en:
destroy:
flash: "Destroyed the client application registration"
users:
login:
title: "Login"
heading: "Login"
email or username: "Email Address or Username:"
password: "Password:"
openid_html: "%{logo} OpenID:"
remember: "Remember me"
lost password link: "Lost your password?"
login_button: "Login"
register now: Register now
with username: "Already have an OpenStreetMap account? Please login with your username and password:"
with external: "Alternatively, use a third party to login:"
new to osm: New to OpenStreetMap?
to make changes: To make changes to the OpenStreetMap data, you must have an account.
create account minute: Create an account. It only takes a minute.
no account: Don't have an account?
account not active: "Sorry, your account is not active yet.<br />Please use the link in the account confirmation email to activate your account, or <a href=\"%{reconfirm}\">request a new confirmation email</a>."
account is suspended: Sorry, your account has been suspended due to suspicious activity.<br />Please contact the <a href="%{webmaster}">webmaster</a> if you wish to discuss this.
auth failure: "Sorry, could not log in with those details."
openid_logo_alt: "Log in with an OpenID"
auth_providers:
openid:
title: Login with OpenID
alt: Login with an OpenID URL
google:
title: Login with Google
alt: Login with a Google OpenID
facebook:
title: Login with Facebook
alt: Login with a Facebook Account
windowslive:
title: Login with Windows Live
alt: Login with a Windows Live Account
github:
title: Login with GitHub
alt: Login with a GitHub Account
wikipedia:
title: Login with Wikipedia
alt: Login with a Wikipedia Account
yahoo:
title: Login with Yahoo
alt: Login with a Yahoo OpenID
wordpress:
title: Login with Wordpress
alt: Login with a Wordpress OpenID
aol:
title: Login with AOL
alt: Login with an AOL OpenID
logout:
title: "Logout"
heading: "Logout from OpenStreetMap"
logout_button: "Logout"
lost_password:
title: "Lost password"
heading: "Forgotten Password?"

5
config/routes.rb
View file

@ -145,8 +145,9 @@ OpenStreetMap::Application.routes.draw do
get "/history/feed" => "changesets#feed", :defaults => { :format => :atom }
get "/history/comments/feed" => "changeset_comments#index", :as => :changesets_comments_feed, :defaults => { :format => "rss" }
get "/export" => "site#export"
match "/login" => "users#login", :via => [:get, :post]
match "/logout" => "users#logout", :via => [:get, :post]
get "/login" => "sessions#new"
post "/login" => "sessions#create"
match "/logout" => "sessions#destroy", :via => [:get, :post]
get "/offline" => "site#offline"
get "/key" => "site#key"
get "/id" => "site#id"

20
test/controllers/users_controller_test.rb
View file

@ -6,27 +6,27 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
def test_routes
assert_routing(
{ :path => "/login", :method => :get },
{ :controller => "users", :action => "login" }
{ :controller => "sessions", :action => "new" }
)
assert_routing(
{ :path => "/login", :method => :post },
{ :controller => "users", :action => "login" }
{ :controller => "sessions", :action => "create" }
)
assert_recognizes(
{ :controller => "users", :action => "login", :format => "html" },
{ :controller => "sessions", :action => "new", :format => "html" },
{ :path => "/login.html", :method => :get }
)
assert_routing(
{ :path => "/logout", :method => :get },
{ :controller => "users", :action => "logout" }
{ :controller => "sessions", :action => "destroy" }
)
assert_routing(
{ :path => "/logout", :method => :post },
{ :controller => "users", :action => "logout" }
{ :controller => "sessions", :action => "destroy" }
)
assert_recognizes(
{ :controller => "users", :action => "logout", :format => "html" },
{ :controller => "sessions", :action => "destroy", :format => "html" },
{ :path => "/logout.html", :method => :get }
)
@ -414,11 +414,11 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true)
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
get login_path, :params => { :username => user.display_name, :password => "test" }
assert_response :success
assert_template "login"
assert_template "sessions/new"
post login_path, :params => { :username => user.display_name, :password => "test" }
assert_response :redirect
@ -440,14 +440,14 @@ class UsersControllerTest < ActionDispatch::IntegrationTest
def test_logout_fallback_without_referer
get logout_path
assert_response :success
assert_template :logout
assert_template "sessions/destroy"
assert_select "input[name=referer]:not([value])"
end
def test_logout_fallback_with_referer
get logout_path, :params => { :referer => "/test" }
assert_response :success
assert_template :logout
assert_template "sessions/destroy"
assert_select "input[name=referer][value=?]", "/test"
end

2
test/integration/user_changeset_comments_test.rb
View file

@ -30,7 +30,7 @@ class UserChangesetCommentsTest < ActionDispatch::IntegrationTest
follow_redirect!
# We should now be at the login page
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
# We can now login
post "/login", :params => { "username" => user.email, "password" => "test" }
assert_response :redirect

2
test/integration/user_diaries_test.rb
View file

@ -11,7 +11,7 @@ class UserDiariesTest < ActionDispatch::IntegrationTest
follow_redirect!
# We should now be at the login page
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
# We can now login
post "/login", :params => { "username" => user.email, "password" => "test", :referer => "/diary/new" }
assert_response :redirect

94
test/integration/user_login_test.rb
View file

@ -47,7 +47,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.email.titlecase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
end
@ -111,7 +111,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.email, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -123,7 +123,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.email.upcase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -135,7 +135,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.email.titlecase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -204,7 +204,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.display_name.downcase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
end
@ -268,7 +268,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.display_name, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -280,7 +280,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.display_name.upcase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -292,7 +292,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
try_password_login user.display_name.downcase, "test"
assert_template "login"
assert_template "sessions/new"
assert_select "span.username", false
assert_select "div.flash.error", /your account has been suspended/ do
assert_select "a[href='mailto:openstreetmap@example.com']", "webmaster"
@ -358,7 +358,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true, :referer => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/john.doe", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -379,7 +379,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true, :referer => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "openid", :openid_url => user.auth_uid, :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "openid", :openid_url => user.auth_uid, :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -390,7 +390,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -404,7 +404,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true, :referer => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "openid", :openid_url => user.auth_uid, :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "openid", :openid_url => user.auth_uid, :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -415,7 +415,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -428,7 +428,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true, :referer => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/fred.bloggs", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/fred.bloggs", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -451,7 +451,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "google", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
@ -471,7 +471,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "google", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
@ -482,7 +482,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -495,7 +495,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "google", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
@ -506,7 +506,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -521,7 +521,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "google", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
@ -544,7 +544,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "google", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "google")
@ -569,7 +569,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "facebook", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "facebook")
@ -589,7 +589,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "facebook", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "facebook")
@ -600,7 +600,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -613,7 +613,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "facebook", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "facebook")
@ -624,7 +624,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -637,7 +637,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "facebook", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "facebook")
@ -658,7 +658,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
@ -678,7 +678,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
@ -689,7 +689,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -702,7 +702,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
@ -713,7 +713,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -726,7 +726,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "windowslive", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "windowslive")
@ -747,7 +747,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "github")
@ -767,7 +767,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "github")
@ -778,7 +778,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -791,7 +791,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "github")
@ -802,7 +802,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -815,7 +815,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "github", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "github")
@ -836,7 +836,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -856,7 +856,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -867,7 +867,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Connection to authentication provider failed"
assert_select "span.username", false
end
@ -880,7 +880,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -891,7 +891,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "div.flash.error", "Invalid authentication credentials"
assert_select "span.username", false
end
@ -904,7 +904,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path("cookie_test" => "true", "referer" => "/history")
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post auth_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
assert_response :redirect
assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/login?referer=%2Fhistory", :referer => "/history")
@ -924,7 +924,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_redirected_to login_path(:cookie_test => true)
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "input#username", 1 do
assert_select "[value]", false
end
@ -939,7 +939,7 @@ class UserLoginTest < ActionDispatch::IntegrationTest
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "login"
assert_template "sessions/new"
assert_select "input#username", 1 do
assert_select "[value=?]", username
end

4
test/integration/user_terms_seen_test.rb
View file

@ -22,7 +22,7 @@ class UserTermsSeenTest < ActionDispatch::IntegrationTest
get "/login"
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
assert_response :redirect
# but now we need to look at the terms
@ -47,7 +47,7 @@ class UserTermsSeenTest < ActionDispatch::IntegrationTest
get "/login"
follow_redirect!
assert_response :success
assert_template "users/login"
assert_template "sessions/new"
post "/login", :params => { :username => user.email, :password => "test", :referer => "/diary/new" }
assert_response :redirect
# but now we need to look at the terms

2
test/system/issues_test.rb
View file

@ -5,7 +5,7 @@ class IssuesTest < ApplicationSystemTestCase
def test_view_issues_not_logged_in
visit issues_path
assert page.has_content?(I18n.t("users.login.title"))
assert page.has_content?(I18n.t("sessions.new.title"))
end
def test_view_issues_normal_user