1 files changed, 24 insertions, 1 deletions

diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 8d60137a2..bec8698d5 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -5,7 +5,7 @@ my $mech = FixMyStreet::TestMech->new;
 
 my $test_email    = 'test@example.com';
 my $test_email3   = 'newuser@example.org';
-my $test_password = 'foobar';
+my $test_password = 'foobar123';
 
 END {
     done_testing();
@@ -276,3 +276,26 @@ subtest "check logging in with token" => sub {
 
     $mech->delete_header('Authorization');
 };
+
+subtest 'check password length/common' => sub {
+    $mech->get_ok('/auth');
+    $mech->submit_form_ok({
+        form_name => 'general_auth',
+        fields => { username => $test_email, password_register => 'short' },
+        button => 'sign_in_by_code',
+    });
+    $mech->content_contains("Please make sure your password is at least");
+    $mech->submit_form_ok({
+        form_name => 'general_auth',
+        fields => { username => $test_email, password_register => 'common' },
+        button => 'sign_in_by_code',
+    });
+    $mech->content_contains("Please choose a less commonly-used password");
+};
+
+subtest 'check common password AJAX call' => sub {
+    $mech->post_ok('/auth/common_password', { password_register => 'password' });
+    $mech->content_contains("Please choose a less commonly-used password");
+    $mech->post_ok('/auth/common_password', { password_register => 'squirblewirble' });
+    $mech->content_contains("true");
+};