From 3e201f8d48554ab8c4b8132eaa50b5fe7dd1d67e Mon Sep 17 00:00:00 2001
From: Matthew Somerville <matthew-github@dracos.co.uk>
Date: Thu, 1 Feb 2018 14:37:35 +0000
Subject: Add length/common password checking.

---
 t/app/controller/auth.t | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

(limited to 't/app/controller/auth.t')

diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 8d60137a2..bec8698d5 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -5,7 +5,7 @@ my $mech = FixMyStreet::TestMech->new;
 
 my $test_email    = 'test@example.com';
 my $test_email3   = 'newuser@example.org';
-my $test_password = 'foobar';
+my $test_password = 'foobar123';
 
 END {
     done_testing();
@@ -276,3 +276,26 @@ subtest "check logging in with token" => sub {
 
     $mech->delete_header('Authorization');
 };
+
+subtest 'check password length/common' => sub {
+    $mech->get_ok('/auth');
+    $mech->submit_form_ok({
+        form_name => 'general_auth',
+        fields => { username => $test_email, password_register => 'short' },
+        button => 'sign_in_by_code',
+    });
+    $mech->content_contains("Please make sure your password is at least");
+    $mech->submit_form_ok({
+        form_name => 'general_auth',
+        fields => { username => $test_email, password_register => 'common' },
+        button => 'sign_in_by_code',
+    });
+    $mech->content_contains("Please choose a less commonly-used password");
+};
+
+subtest 'check common password AJAX call' => sub {
+    $mech->post_ok('/auth/common_password', { password_register => 'password' });
+    $mech->content_contains("Please choose a less commonly-used password");
+    $mech->post_ok('/auth/common_password', { password_register => 'squirblewirble' });
+    $mech->content_contains("true");
+};
-- 
cgit v1.2.3