require File.dirname(__FILE__) + '/../test_helper' require '<%= sessions_controller_name %>_controller' # Re-raise errors caught by the controller. class <%= sessions_controller_class_name %>Controller; def rescue_action(e) raise e end; end class <%= sessions_controller_class_name %>ControllerTest < ActionController::TestCase # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead # Then, you can remove it from this and the units test. include <%= class_name %>AuthenticatedTestHelper fixtures :<%= table_name %> def test_should_login_and_redirect post :create, :login => 'quentin', :password => 'monkey' assert session[:<%= file_name %>_id] assert_response :redirect end def test_should_fail_login_and_not_redirect post :create, :login => 'quentin', :password => 'bad password' assert_nil session[:<%= file_name %>_id] assert_response :success end def test_should_logout login_as :quentin get :destroy assert_nil session[:<%= file_name %>_id] assert_response :redirect end def test_should_remember_me @request.cookies["auth_token"] = nil post :create, :login => 'quentin', :password => 'monkey', :remember_me => "1" assert_not_nil @response.cookies["auth_token"] end def test_should_not_remember_me @request.cookies["auth_token"] = nil post :create, :login => 'quentin', :password => 'monkey', :remember_me => "0" puts @response.cookies["auth_token"] assert @response.cookies["auth_token"].blank? end def test_should_delete_token_on_logout login_as :quentin get :destroy assert @response.cookies["auth_token"].blank? end def test_should_login_with_cookie <%= table_name %>(:quentin).remember_me @request.cookies["auth_token"] = cookie_for(:quentin) get :new assert @controller.send(:logged_in?) end def test_should_fail_expired_cookie_login <%= table_name %>(:quentin).remember_me <%= table_name %>(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago @request.cookies["auth_token"] = cookie_for(:quentin) get :new assert !@controller.send(:logged_in?) end def test_should_fail_cookie_login <%= table_name %>(:quentin).remember_me @request.cookies["auth_token"] = auth_token('invalid_auth_token') get :new assert !@controller.send(:logged_in?) end protected def auth_token(token) CGI::Cookie.new('name' => 'auth_token', 'value' => token) end def cookie_for(<%= file_name %>) auth_token <%= table_name %>(<%= file_name %>).remember_token end end