Sha256: b903f21020b905274c5297101679e5991306446ce1fa1c321ae6325f0c338009
Contents?: true
Size: 1.76 KB
Versions: 18
Compression:
Stored size: 1.76 KB
Contents
require File.expand_path("spec_helper", File.dirname(__FILE__))
describe 'Rodauth session expiration feature' do
it "should expire sessions based on last activity and max lifetime checks" do
inactivity = max_lifetime = 300
expiration_default = true
rodauth do
enable :login, :session_expiration
session_expiration_default{expiration_default}
session_inactivity_timeout{inactivity}
max_session_lifetime{max_lifetime}
end
roda do |r|
rodauth.check_session_expiration
r.rodauth
r.get("remove-creation"){session.delete(:session_created_at); r.redirect '/'}
r.get("set-creation"){session[:session_created_at] = Time.now.to_i - 100000; r.redirect '/'}
r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
end
visit '/'
page.body.must_include "Not Logged"
login
page.body.must_include "Logged In"
inactivity = -1
visit '/'
page.title.must_equal 'Login'
page.find('#error_flash').text.must_equal "This session has expired, please login again."
login
page.title.must_equal 'Login'
page.find('#error_flash').text.must_equal "This session has expired, please login again."
inactivity = 10
login
page.body.must_include "Logged In"
visit '/set-creation'
page.title.must_equal 'Login'
page.find('#error_flash').text.must_equal "This session has expired, please login again."
login
page.body.must_include "Logged In"
visit '/remove-creation'
page.title.must_equal 'Login'
page.find('#error_flash').text.must_equal "This session has expired, please login again."
expiration_default = false
login
page.body.must_include "Logged In"
visit '/remove-creation'
page.body.must_include "Logged In"
end
end
Version data entries
18 entries across 18 versions & 1 rubygems