Use DB for auth sessions (#1233)

* DB sessions * Validations for profile image
2025-07-23 07:09:39 +02:00 · 2024-10-03 14:42:22 -04:00 · 2024-10-03 14:42:22 -04:00 · 1ffa13f3b3
commit 1ffa13f3b3
parent 82c298307d
27 changed files with 118 additions and 76 deletions
--- a/test/controllers/registrations_controller_test.rb
+++ b/test/controllers/registrations_controller_test.rb
@ -24,14 +24,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
    end
  end

-  test "sets last_login_at on successful registration" do
-    post registration_url, params: { user: {
-      email: "john@example.com",
-      password: "password",
-      password_confirmation: "password" } }
-    assert_not_nil User.find_by(email: "john@example.com").last_login_at
-  end
-
  test "create when hosted requires an invite code" do
    with_env_overrides REQUIRE_INVITE_CODE: "true" do
      assert_no_difference "User.count" do
--- a/test/controllers/sessions_controller_test.rb
+++ b/test/controllers/sessions_controller_test.rb
@ -5,14 +5,30 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
    @user = users(:family_admin)
  end

-  test "can sign in" do
-    post session_url, params: { email: @user.email, password: "password" }
-    assert_redirected_to root_url
+  test "login page" do
+    get new_session_url
+    assert_response :success
  end

-  test "sets last_login_at on successful login" do
-    assert_changes -> { @user.reload.last_login_at }, from: nil do
-      post session_url, params: { email: @user.email, password: "password" }
-    end
+  test "can sign in" do
+    sign_in @user
+    assert_redirected_to root_url
+
+    get root_url
+    assert_response :success
+  end
+
+  test "fails to sign in with bad password" do
+    post sessions_url, params: { email: @user.email, password: "bad" }
+    assert_response :unprocessable_entity
+    assert_equal "Invalid email or password.", flash[:alert]
+  end
+
+  test "can sign out" do
+    sign_in @user
+
+    delete session_url(@user.sessions.order(:created_at).last)
+    assert_redirected_to root_url
+    assert_equal "You have signed out successfully.", flash[:notice]
  end
 end
--- a/test/fixtures/sessions.yml
+++ b/test/fixtures/sessions.yml
@ -0,0 +1,4 @@
+one:
+  user: family_admin
+  user_agent: MyString
+  ip_address: MyString
--- a/test/models/current_test.rb
+++ b/test/models/current_test.rb
@ -3,7 +3,7 @@ require "test_helper"
 class CurrentTest < ActiveSupport::TestCase
  test "family returns user family" do
    user = users(:family_admin)
-    Current.user = user
+    Current.session = user.sessions.create!
    assert_equal user.family, Current.family
  end
 end
--- a/test/models/session_test.rb
+++ b/test/models/session_test.rb
@ -0,0 +1,7 @@
+require "test_helper"
+
+class SessionTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@ -49,7 +49,7 @@ module ActiveSupport

    # Add more helper methods to be used by all tests here...
    def sign_in(user)
-      post session_path, params: { email: user.email, password: "password" }
+      post sessions_path, params: { email: user.email, password: "password" }
    end

    def with_env_overrides(overrides = {}, &block)