use strict;
use warnings;
BEGIN {
use FixMyStreet;
FixMyStreet->test_mode(1);
}
use Test::More tests => 44;
use Email::Send::Test;
use FixMyStreet::App;
use Test::WWW::Mechanize::Catalyst 'FixMyStreet::App';
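# Client used to drive FixMyStreet::App, and the address of the account this
# script creates and later removes.
my $mech       = Test::WWW::Mechanize::Catalyst->new;
my $test_email = 'test@example.com';

# Cleanup: remove the account created by this script so that reruns start
# from a clean state. The ok() below counts towards the declared test plan.
END {
    # find() returns nothing when the account was never created (for example
    # when the script stopped before signup). Look the row up first so that
    # cleanup records a failed test instead of dying on a method call
    # against undef.
    my $user =
      FixMyStreet::App->model('DB::User')->find( { email => $test_email } );
    ok( ( $user && $user->delete ), "delete test user" );
}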
# The sign-in page itself must load for an anonymous client.
$mech->get_ok('/auth');

# Access-control baseline: before any login, the endpoint reserved for
# authenticated users must answer 401.
my $anonymous_response = $mech->get('/auth/check_auth');
is $anonymous_response->code, 401, "got 401 at check_auth";
# Input validation: an empty or malformed address must be rejected with the
# matching message, and the client must stay on the sign-in page.
$mech->get_ok('/auth');

# NOTE(review): the last case is syntactically well-formed, so the expected
# rejection presumably relies on a domain lookup -- confirm this script does
# not depend on live DNS.
my @rejected_inputs = (
    { email => '',             error => 'enter an email address' },
    { email => 'not an email', error => 'check your email address is correct' },
    { email => 'bob@foo',      error => 'check your email address is correct' },
    {
        email => 'bob@foonaoedudnueu.co.uk',
        error => 'check your email address is correct',
    },
);

for my $case (@rejected_inputs) {
    my $email         = $case->{email};
    my $error_message = $case->{error};

    # Marker line in the TAP output; counted as a test.
    pass "--- testing bad email '$email' gives error '$error_message'";

    # Start from a fresh page that does not already show the error.
    $mech->get_ok('/auth');
    $mech->content_lacks($error_message);

    my %signup_attempt = (
        form_name => 'general_auth',
        fields    => { email => $email },
        button    => 'create_account',
    );
    $mech->submit_form_ok( \%signup_attempt,
        "try to create an account with email '$email'" );

    # The rejection must keep us on /auth and surface the message.
    is $mech->uri->path, '/auth', "still on auth page";
    $mech->content_contains($error_message);
}
# Sign up with a well-formed address. The captured outbox is emptied first so
# that only mail caused by this signup is present afterwards.
Email::Send::Test->clear;
$mech->get_ok('/auth');

my %signup_request = (
    form_name => 'general_auth',
    fields    => { email => $test_email },
    button    => 'create_account',
);
$mech->submit_form_ok( \%signup_request,
    "create an account for '$test_email'" );
is $mech->uri->path, '/auth/welcome', "redirected to welcome page";

# The session must now pass the authentication check.
# NOTE(review): this request succeeds before the confirmation link from the
# signup e-mail has been visited, so the script pins "logged in before the
# address is confirmed" as expected behaviour -- confirm that is intended.
$mech->get_ok("/auth/check_auth");
# Exactly one signup e-mail must have been sent, and the link it carries must
# confirm the account only when its token is intact.
{
    my @outbox = Email::Send::Test->emails;
    Email::Send::Test->clear;

    is scalar(@outbox), 1, "got one email";

    my $message = $outbox[0];
    is $message->header('Subject'), "Your new FixMyStreet.com account",
      "subject is correct";
    is $message->header('To'), $test_email, "to is correct";

    # Take the first URL from the body. Only http:// links are matched, so an
    # https:// confirmation link would make the next assertion fail.
    my ($link) = $message->body =~ m{(http://\S+)};
    ok $link, "Found a link in email '$link'";

    # Freshly created account: present in the database but not yet confirmed.
    my $account =
      FixMyStreet::App->model('DB::User')->find( { email => $test_email } );
    ok $account, "got a user";
    ok !$account->is_confirmed, "user has not been confirmed";

    # Negative case: a link with extra characters appended to the token. The
    # page is still expected to load, but the account must stay unconfirmed.
    my $tampered_link = $link . 'XXX';
    $mech->get_ok($tampered_link);
    $account->discard_changes;    # refresh the row object before re-checking
    ok !$account->is_confirmed, "user has not been confirmed";

    # Positive case: the untouched link confirms the account.
    $mech->get_ok($link);
    $account->discard_changes;
    ok $account->is_confirmed, "user has been confirmed";
}
# Log out, then verify the session no longer passes the authentication check.
# NOTE(review): logout is triggered by a plain GET here -- confirm that a
# state-changing GET is acceptable for this endpoint.
$mech->get_ok("/auth/logout");
my $after_logout_response = $mech->get('/auth/check_auth');
is $after_logout_response->code, 401, "got 401 at check_auth";
# TODO: planned steps. Apart from deleting the test user (done in the END
# block), none of these is implemented in this script yet.
# login using valid details
# logout
# try to login with bad details
# try to create an account with bad details
# get a password reset email (for bad email address)
# get a password reminder (for good email address)
# try using bad reset token
# use the good reset token and change the password
# try to use the good token again
# delete the test user