defmodule PhilomenaWeb.UnlockControllerTest do
  use PhilomenaWeb.ConnCase, async: true

  alias Philomena.Users
  alias Philomena.Repo
  alias Phoenix.Flash
  import Philomena.UsersFixtures

  setup do
    %{user: locked_user_fixture()}
  end

  describe "GET /unlocks/new" do
    test "renders the unlock page", %{conn: conn} do
      conn = get(conn, Routes.unlock_path(conn, :new))
      response = html_response(conn, 200)
      assert response =~ "<h1>Resend unlock instructions</h1>"
    end
  end

  describe "POST /unlocks" do
    @tag :capture_log
    test "sends a new unlock token", %{conn: conn, user: user} do
      conn =
        post(conn, Routes.unlock_path(conn, :create), %{
          "user" => %{"email" => user.email}
        })

      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
      assert Repo.get_by!(Users.UserToken, user_id: user.id).context == "unlock"
    end

    test "does not send unlock token if account is not locked", %{conn: conn, user: user} do
      Repo.update!(Users.User.unlock_changeset(user))

      conn =
        post(conn, Routes.unlock_path(conn, :create), %{
          "user" => %{"email" => user.email}
        })

      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
      refute Repo.get_by(Users.UserToken, user_id: user.id)
    end

    test "does not send unlock token if email is invalid", %{conn: conn} do
      conn =
        post(conn, Routes.unlock_path(conn, :create), %{
          "user" => %{"email" => "unknown@example.com"}
        })

      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :info) =~ "If your email is in our system"
      assert Repo.all(Users.UserToken) == []
    end
  end

  describe "GET /unlocks/:id" do
    test "confirms the given token once", %{conn: conn, user: user} do
      token =
        extract_user_token(fn url ->
          Users.deliver_user_unlock_instructions(user, url)
        end)

      conn = get(conn, Routes.unlock_path(conn, :show, token))
      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :info) =~ "Account unlocked successfully"
      refute Users.get_user!(user.id).locked_at
      refute get_session(conn, :user_token)
      assert Repo.all(Users.UserToken) == []

      conn = get(conn, Routes.unlock_path(conn, :show, token))
      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :error) =~ "Unlock link is invalid or it has expired"
    end

    test "does not unlock with invalid token", %{conn: conn, user: user} do
      conn = get(conn, Routes.unlock_path(conn, :show, "oops"))
      assert redirected_to(conn) == "/"
      assert Flash.get(conn.assigns.flash, :error) =~ "Unlock link is invalid or it has expired"
      assert Users.get_user!(user.id).locked_at
    end
  end
end