Allow users to create an account, confirm it and logout

1 files changed, 127 insertions, 0 deletions

diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
new file mode 100644
index 000000000..0a0280494
--- /dev/null
+++ b/t/app/controller/auth.t
@@ -0,0 +1,127 @@
+use strict;
+use warnings;
+
+BEGIN {
+    use FixMyStreet;
+    FixMyStreet->test_mode(1);
+}
+
+use Test::More tests => 44;
+use Email::Send::Test;
+
+use FixMyStreet::App;
+
+use Test::WWW::Mechanize::Catalyst 'FixMyStreet::App';
+my $mech = Test::WWW::Mechanize::Catalyst->new;
+
+my $test_email = 'test@example.com';
+
+END {
+    ok(
+        FixMyStreet::App->model('DB::User')->find( { email => $test_email } )
+          ->delete,
+        "delete test user"
+    );
+}
+
+$mech->get_ok('/auth');
+
+# check that we can't reach a page that is only available to authenticated users
+is $mech->get('/auth/check_auth')->code, 401, "got 401 at check_auth";
+
+# check that submitting form with no / bad email creates an error.
+$mech->get_ok('/auth');
+
+for my $test (
+    [ ''                         => 'enter an email address' ],
+    [ 'not an email'             => 'check your email address is correct' ],
+    [ 'bob@foo'                  => 'check your email address is correct' ],
+    [ 'bob@foonaoedudnueu.co.uk' => 'check your email address is correct' ],
+  )
+{
+    my ( $email, $error_message ) = @$test;
+    pass "--- testing bad email '$email' gives error '$error_message'";
+    $mech->get_ok('/auth');
+    $mech->content_lacks($error_message);
+    $mech->submit_form_ok(
+        {
+            form_name => 'general_auth',
+            fields    => { email => $email, },
+            button    => 'create_account',
+        },
+        "try to create an account with email '$email'"
+    );
+    is $mech->uri->path, '/auth', "still on auth page";
+    $mech->content_contains($error_message);
+}
+
+# create a new account
+Email::Send::Test->clear;
+$mech->get_ok('/auth');
+$mech->submit_form_ok(
+    {
+        form_name => 'general_auth',
+        fields    => { email => $test_email, },
+        button    => 'create_account',
+    },
+    "create an account for '$test_email'"
+);
+is $mech->uri->path, '/auth/welcome', "redirected to welcome page";
+
+# check that we are now logged in
+$mech->get_ok("/auth/check_auth");
+
+# check that we got one email
+{
+    my @emails = Email::Send::Test->emails;
+    Email::Send::Test->clear;
+
+    is scalar(@emails), 1, "got one email";
+    is $emails[0]->header('Subject'), "Your new FixMyStreet.com account",
+      "subject is correct";
+    is $emails[0]->header('To'), $test_email, "to is correct";
+
+    # extract the link
+    my ($link) = $emails[0]->body =~ m{(http://\S+)};
+    ok $link, "Found a link in email '$link'";
+
+    # check that the user is currently not confirmed
+    my $user =
+      FixMyStreet::App->model('DB::User')->find( { email => $test_email } );
+    ok $user, "got a user";
+    ok !$user->is_confirmed, "user has not been confirmed";
+
+    # visit the confirm link (with bad token) and check user no confirmed
+    $mech->get_ok( $link . 'XXX' );
+    $user->discard_changes;
+    ok !$user->is_confirmed, "user has not been confirmed";
+
+    # visit the confirm link and check user is confirmed
+    $mech->get_ok($link);
+    $user->discard_changes;
+    ok $user->is_confirmed, "user has been confirmed";
+}
+
+# logout
+$mech->get_ok("/auth/logout");
+is $mech->get('/auth/check_auth')->code, 401, "got 401 at check_auth";
+
+# login using valid details
+
+# logout
+
+# try to login with bad details
+
+# try to create an account with bad details
+
+# get a password reset email (for bad email address)
+
+# get a password reminder (for good email address)
+
+# try using  bad reset token
+
+# use the good reset token and change the password
+
+# try to use the good token again
+
+# delete the test user