password reset requests

test/controllers/admin/auth_controller_test.rb

@@ -36,5 +36,42 @@ module Admin
       assert_redirected_to admin_login_url
       assert_match(/incorrect.*email/, flash[:error])
     end
+
+    test "should get reset_request" do
+      get admin_reset_request_url
+      assert_response :success
+    end
+
+    test "should process a reset request" do
+      user = users(:admin)
+      post admin_send_reset_url, params: { auth: { email: user.email } }
+
+      refute_equal user.reset_token, User.find(user.id).reset_token
+      assert_redirected_to admin_reset_request_url
+      assert_match(/request.*sent/i, flash[:success])
+    end
+
+    test "should redirect with invalid reset_token" do
+      get admin_reset_url('fooBarBaz')
+      assert_redirected_to admin_reset_request_url
+    end
+
+    test "should get reset form" do
+      user = users(:admin)
+      user.setup_reset
+      get admin_reset_url(user.reset_token)
+      assert :success
+    end
+
+    test "should post password reset" do
+      user = users(:admin)
+      user.setup_reset
+
+      post admin_reset_password_url, params: { auth:
+        { reset_token: user.reset_token, password: '12345', password_confirmation: '12345' } }
+
+      assert_redirected_to admin_auth_path
+      assert_match(/reset.*log/i, flash[:success])
+    end
   end
 end

test/controllers/admin/profile_controller_test.rb

@@ -22,10 +22,5 @@ module Admin
       assert_redirected_to admin_profile_url
       assert flash[:success]
     end
-
-    test "should get lost_password" do
-      get admin_reset_password_url
-      assert_response :success
-    end
   end
 end