require 'test_helper' if ENV['VALIDATE_SESSION_EVEN_IN_NOT_LOGIN_AREA'] == 'true' class TimeoutableIntegrationTest < ActionDispatch::IntegrationTest def setup @user = Fabricate(:user) post 'session', username_or_email: @user.email, password: 'password' end test "should set goma.last_request_at immediately after login" do assert request.env['warden'].session(:user)['goma.last_request_at'] Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should timeout" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 29.minutes.from_now get 'secret/index' assert_response :success Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should not timeout if accessed a page which does not require login" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 20.minutes.from_now get '/' assert_response :success Timecop.freeze 20.minutes.from_now get 'secret/index' assert_response :success Timecop.return end test "should timeout if accessing skip_trackabled action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 20.minutes.from_now get 'secret/not_track' assert_response :success Timecop.freeze 20.minutes.from_now get 'secret/not_track' assert_redirected_to root_url Timecop.return end test "should not timeout but update last_request_at by accessing skip_timeout action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 60.minutes.from_now get 'secret/not_timeout' assert_response :success Timecop.freeze 29.minutes.from_now get 'secret/index' assert_response :success Timecop.freeze 60.minutes.from_now get 'secret/not_timeout' assert_response :success Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should not timeout nor update last_request_at by accessing skip_validate_session action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 60.minutes.from_now get 'secret/not_validate_session' assert_response :success get 'secret/index' assert_redirected_to root_url Timecop.return end end else class TimeoutableIntegrationTest < ActionDispatch::IntegrationTest def setup @user = Fabricate(:user) post 'session', username_or_email: @user.email, password: 'password' end test "should set goma.last_request_at immediately after login" do assert request.env['warden'].session(:user)['goma.last_request_at'] Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should timeout" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 29.minutes.from_now get 'secret/index' assert_response :success Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should timeout if accessed a page which does not require login" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 20.minutes.from_now get '/' assert_response :success Timecop.freeze 20.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should timeout if accessing skip_trackabled action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 20.minutes.from_now get 'secret/not_track' assert_response :success Timecop.freeze 20.minutes.from_now get 'secret/not_track' assert_redirected_to root_url Timecop.return end test "should not timeout but update last_request_at by accessing skip_timeout action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 60.minutes.from_now get 'secret/not_timeout' assert_response :success Timecop.freeze 29.minutes.from_now get 'secret/index' assert_response :success Timecop.freeze 60.minutes.from_now get 'secret/not_timeout' assert_response :success Timecop.freeze 30.minutes.from_now get 'secret/index' assert_redirected_to root_url Timecop.return end test "should not timeout nor update last_request_at by accessing skip_validate_session action" do Timecop.freeze Time.now get 'secret/index' Timecop.freeze 60.minutes.from_now get 'secret/not_validate_session' assert_response :success get 'secret/index' assert_redirected_to root_url Timecop.return end end end