# frozen_string_literal: true require 'test_helper' module Admin class AuthControllerTest < ActionDispatch::IntegrationTest include ActiveJob::TestHelper test "should get login" do get admin_login_url assert_response :success assert_template 'admin/auth/login' end test "should get logout" do post admin_auth_url, params: { auth: { email: 'alan.admin@mailinator.com', password: 'password' } } get admin_logout_url assert_redirected_to admin_login_url assert session[:user].nil? end test "should auth to dashboard" do post admin_auth_url, params: { auth: { email: 'alan.admin@mailinator.com', password: 'password' } } assert_redirected_to admin_url end test "should FAIL auth" do post admin_auth_url, params: { auth: { email: 'alan.admin@mailinator.com', password: 'b@d9a$$werD' } } assert_redirected_to admin_login_url assert_match(/incorrect.*password/i, flash[:error]) end test "recruiter should auth to dashboard" do post admin_auth_url, params: { auth: { email: 'pdr.recruiter@mailinator.com', password: 'password' } } assert_redirected_to admin_url end test "reviewer should auth to dashboard" do post admin_auth_url, params: { auth: { email: 'fed.reviewer@mailinator.com', password: 'password' } } assert_redirected_to admin_url end test "should get reset_request" do get admin_reset_request_url assert_response :success end test "should process a reset request" do user = users(:admin) assert_enqueued_jobs 1 do post admin_send_reset_url, params: { auth: { email: user.email } } end refute_equal user.reset_token, User.find(user.id).reset_token assert_redirected_to admin_reset_request_url assert_match(/request.*sent/i, flash[:success]) end test "should redirect with invalid reset_token" do get admin_reset_url('fooBarBaz') assert_redirected_to admin_reset_request_url end test "should get reset form" do user = users(:admin) user.setup_reset get admin_reset_url(user.reset_token) assert :success end test "should post password reset" do user = users(:admin) user.setup_reset post admin_reset_password_url, params: { auth: { reset_token: user.reset_token, password: '12345', password_confirmation: '12345' } } assert_redirected_to admin_auth_path assert_match(/reset.*log/i, flash[:success]) end test "should fail to reset with mistyped password" do user = users(:admin) user.setup_reset post admin_reset_password_url, params: { auth: { reset_token: user.reset_token, password: '12345', password_confirmation: 'abcde' } } assert :success assert flash[:error] end end end