Sha256: e1547942b8f4b56fafd5df0820477b786096c67a0597a031c93089f1323dd197
Contents?: true
Size: 1.17 KB
Versions: 2
Compression:
Stored size: 1.17 KB
Contents
require 'spec_helper'
class ForgeriesController < ActionController::Base
include Clearance::Controller
protect_from_forgery
before_filter :authorize
# This is off in test by default, but we need it for this test
self.allow_forgery_protection = true
def create
redirect_to action: 'index'
end
end
describe ForgeriesController do
context 'signed in user' do
before do
Rails.application.routes.draw do
resources :forgeries
get '/sign_in' => 'clearance/sessions#new', as: 'sign_in'
end
@user = create(:user)
@user.update_attribute(:remember_token, 'old-token')
@request.cookies['remember_token'] = 'old-token'
end
after do
Rails.application.reload_routes!
end
it 'succeeds with authentic token' do
token = controller.send(:form_authenticity_token)
post :create, authenticity_token: token
expect(subject).to redirect_to(action: 'index')
end
it 'fails with invalid token' do
post :create, authenticity_token: 'hax0r'
expect(subject).to deny_access
end
it 'fails with no token' do
post :create
expect(subject).to deny_access
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| clearance-1.6.1 | spec/controllers/forgeries_controller_spec.rb |
| clearance-1.6.0 | spec/controllers/forgeries_controller_spec.rb |