2020-07-28 22:56:26 +02:00
|
|
|
defmodule PhilomenaWeb.UnlockControllerTest do
|
|
|
|
|
use PhilomenaWeb.ConnCase, async: true
|
|
|
|
|
|
|
|
|
|
alias Philomena.Users
|
|
|
|
|
alias Philomena.Repo
|
2023-05-18 16:23:17 +02:00
|
|
|
alias Phoenix.Flash
|
2020-07-28 22:56:26 +02:00
|
|
|
import Philomena.UsersFixtures
|
|
|
|
|
|
|
|
|
|
setup do
|
|
|
|
|
%{user: locked_user_fixture()}
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "GET /unlocks/new" do
|
|
|
|
|
test "renders the unlock page", %{conn: conn} do
|
2024-04-29 02:55:27 +02:00
|
|
|
conn = get(conn, ~p"/unlocks/new")
|
2020-07-28 22:56:26 +02:00
|
|
|
response = html_response(conn, 200)
|
|
|
|
|
assert response =~ "<h1>Resend unlock instructions</h1>"
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "POST /unlocks" do
|
|
|
|
|
@tag :capture_log
|
|
|
|
|
test "sends a new unlock token", %{conn: conn, user: user} do
|
|
|
|
|
conn =
|
2024-04-29 02:55:27 +02:00
|
|
|
post(conn, ~p"/unlocks", %{
|
2020-07-28 22:56:26 +02:00
|
|
|
"user" => %{"email" => user.email}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
|
2020-07-28 22:56:26 +02:00
|
|
|
assert Repo.get_by!(Users.UserToken, user_id: user.id).context == "unlock"
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
test "does not send unlock token if account is not locked", %{conn: conn, user: user} do
|
|
|
|
|
Repo.update!(Users.User.unlock_changeset(user))
|
|
|
|
|
|
|
|
|
|
conn =
|
2024-04-29 02:55:27 +02:00
|
|
|
post(conn, ~p"/unlocks", %{
|
2020-07-28 22:56:26 +02:00
|
|
|
"user" => %{"email" => user.email}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
|
2020-07-28 22:56:26 +02:00
|
|
|
refute Repo.get_by(Users.UserToken, user_id: user.id)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
test "does not send unlock token if email is invalid", %{conn: conn} do
|
|
|
|
|
conn =
|
2024-04-29 02:55:27 +02:00
|
|
|
post(conn, ~p"/unlocks", %{
|
2020-07-28 22:56:26 +02:00
|
|
|
"user" => %{"email" => "unknown@example.com"}
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
|
2020-07-28 22:56:26 +02:00
|
|
|
assert Repo.all(Users.UserToken) == []
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe "GET /unlocks/:id" do
|
|
|
|
|
test "confirms the given token once", %{conn: conn, user: user} do
|
|
|
|
|
token =
|
|
|
|
|
extract_user_token(fn url ->
|
|
|
|
|
Users.deliver_user_unlock_instructions(user, url)
|
|
|
|
|
end)
|
|
|
|
|
|
2024-04-29 02:55:27 +02:00
|
|
|
conn = get(conn, ~p"/unlocks/#{token}")
|
2020-07-28 22:56:26 +02:00
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :info) =~ "Account unlocked successfully"
|
2020-07-28 22:56:26 +02:00
|
|
|
refute Users.get_user!(user.id).locked_at
|
|
|
|
|
refute get_session(conn, :user_token)
|
|
|
|
|
assert Repo.all(Users.UserToken) == []
|
|
|
|
|
|
2024-04-29 02:55:27 +02:00
|
|
|
conn = get(conn, ~p"/unlocks/#{token}")
|
2020-07-28 22:56:26 +02:00
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :error) =~ "Unlock link is invalid or it has expired"
|
2020-07-28 22:56:26 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
test "does not unlock with invalid token", %{conn: conn, user: user} do
|
2024-04-29 02:55:27 +02:00
|
|
|
conn = get(conn, ~p"/unlocks/oops")
|
2020-07-28 22:56:26 +02:00
|
|
|
assert redirected_to(conn) == "/"
|
2023-05-18 16:23:17 +02:00
|
|
|
assert Flash.get(conn.assigns.flash, :error) =~ "Unlock link is invalid or it has expired"
|
2020-07-28 22:56:26 +02:00
|
|
|
assert Users.get_user!(user.id).locked_at
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
