diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/application_controller_spec.rb | 4 | ||||
| -rw-r--r-- | spec/controllers/sessions_controller_spec.rb | 4 | ||||
| -rw-r--r-- | spec/models/session_spec.rb | 5 | ||||
| -rw-r--r-- | spec/support/authentication.rb | 2 |
4 files changed, 8 insertions, 7 deletions
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index 6c4756a..c8e472d 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -12,7 +12,7 @@ describe ApplicationController do let(:user) { create(:user, password: 'password', password_confirmation: 'password') } let(:user_session) { create(:session, user: user) } - before { cookies.signed[:raphael] = user_session.id } + before { cookies.signed[:raphael] = user_session.key } before { get :index } it "lets you continue to do whatever the heck you were trying to do" do @@ -26,7 +26,7 @@ describe ApplicationController do context "when not signed in" do before :each do - cookies.signed[:raphael] = rand(100) + cookies.signed[:raphael] = SecureRandom.uuid get :index end diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index 9a5144c..fdfbd53 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -35,7 +35,7 @@ describe SessionsController do end it 'assigns a session key to a secure cookie' do - expect(cookies.signed[:raphael]).to eql(Session.last.id) + expect(cookies.signed[:raphael]).to eql(Session.last.key) end end end @@ -44,7 +44,7 @@ describe SessionsController do let(:user_session) { create(:session) } before :each do - cookies.signed[:raphael] = user_session.id + cookies.signed[:raphael] = user_session.key delete :destroy, { id: 'mine' } end diff --git a/spec/models/session_spec.rb b/spec/models/session_spec.rb index 4195404..4da0210 100644 --- a/spec/models/session_spec.rb +++ b/spec/models/session_spec.rb @@ -7,6 +7,7 @@ describe Session do session = Session.last expect(session.user_id).to eql(1) expect(session.ip_address).to eql("127.0.0.1") + expect(session.key).to_not be_nil end end @@ -15,7 +16,7 @@ describe Session do context "when the session key is legit" do it 'returns the session' do - expect(Session.authenticate!(user_session.id)).to eql(user_session) + expect(Session.authenticate!(user_session.key)).to eql(user_session) end end @@ -29,7 +30,7 @@ describe Session do let(:revoked_session) { create(:session, revoked_at: Time.now) } it 'raises an error' do - expect(-> { Session.authenticate(revoked_session.id) }).to raise_error + expect(-> { Session.authenticate(revoked_session.key) }).to raise_error end end end diff --git a/spec/support/authentication.rb b/spec/support/authentication.rb index 18c4f31..47a7dc6 100644 --- a/spec/support/authentication.rb +++ b/spec/support/authentication.rb @@ -1,6 +1,6 @@ module HttpAuthentication def http_login(user, password = 'password') user_session = create(:session, user: user) - cookies.signed[:raphael] = user_session.id + cookies.signed[:raphael] = user_session.key end end |