about summary refs log tree commit diff
path: root/spec/controllers/auth
diff options
context:
space:
mode:
authorRené Klačan <rene@klacan.sk>2017-06-11 02:29:08 +0200
committerEugen Rochko <eugen@zeonfederated.com>2017-06-11 02:29:08 +0200
commitdcf0530218c60ff079ca38d7d3707ac80bde7f97 (patch)
tree97ac2de5c3f9c4a3cd765644c598c818b8a27a95 /spec/controllers/auth
parent47338bc13d6a528ada2840431e8115ea91a948a5 (diff)
Make sure email is case insensitive on all places (#3688)
When case insensitivity is enabled via devise's `config.case_insensitive_keys` then `.find_for_authentication` method needs to be used instead of `.find_by` because second mentioned returns `nil` when valid email with different cases is passed.

More info https://github.com/plataformatec/devise/wiki/How-To:-Use-case-insensitive-emails
Diffstat (limited to 'spec/controllers/auth')
-rw-r--r--spec/controllers/auth/sessions_controller_spec.rb34
1 files changed, 34 insertions, 0 deletions
diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb
index 525b8254d..06fdbaabc 100644
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@@ -65,6 +65,20 @@ RSpec.describe Auth::SessionsController, type: :controller do
         end
       end
 
+      context 'using email with uppercase letters' do
+        before do
+          post :create, params: { user: { email: user.email.upcase, password: user.password } }
+        end
+
+        it 'redirects to home' do
+          expect(response).to redirect_to(root_path)
+        end
+
+        it 'logs the user in' do
+          expect(controller.current_user).to eq user
+        end
+      end
+
       context 'using an invalid password' do
         before do
           post :create, params: { user: { email: user.email, password: 'wrongpw' } }
@@ -129,6 +143,26 @@ RSpec.describe Auth::SessionsController, type: :controller do
         return codes
       end
 
+      context 'using email and password' do
+        before do
+          post :create, params: { user: { email: user.email, password: user.password } }
+        end
+
+        it 'renders two factor authentication page' do
+          expect(controller).to render_template("two_factor")
+        end
+      end
+
+      context 'using upcase email and password' do
+        before do
+          post :create, params: { user: { email: user.email.upcase, password: user.password } }
+        end
+
+        it 'renders two factor authentication page' do
+          expect(controller).to render_template("two_factor")
+        end
+      end
+
       context 'using a valid OTP' do
         before do
           post :create, params: { user: { otp_attempt: user.current_otp } }, session: { otp_user_id: user.id }