generate unique session key instead of id.HEADmaster

2 files changed, 4 insertions, 4 deletions

diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index 6c4756a..c8e472d 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -12,7 +12,7 @@ describe ApplicationController do
     let(:user) { create(:user, password: 'password', password_confirmation: 'password') }
     let(:user_session) { create(:session, user: user) }
 
-    before { cookies.signed[:raphael] = user_session.id }
+    before { cookies.signed[:raphael] = user_session.key }
     before { get :index }
 
     it "lets you continue to do whatever the heck you were trying to do" do
@@ -26,7 +26,7 @@ describe ApplicationController do
 
   context "when not signed in" do
     before :each do
-      cookies.signed[:raphael] = rand(100)
+      cookies.signed[:raphael] = SecureRandom.uuid
       get :index
     end
 
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index 9a5144c..fdfbd53 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -35,7 +35,7 @@ describe SessionsController do
       end
 
       it 'assigns a session key to a secure cookie' do
-        expect(cookies.signed[:raphael]).to eql(Session.last.id)
+        expect(cookies.signed[:raphael]).to eql(Session.last.key)
       end
     end
   end
@@ -44,7 +44,7 @@ describe SessionsController do
     let(:user_session) { create(:session) }
 
     before :each do
-      cookies.signed[:raphael] = user_session.id
+      cookies.signed[:raphael] = user_session.key
       delete :destroy, { id: 'mine' }
     end