Refactor code related to authentication:

* User model * SessionsController
2011-08-25 21:46:29 +00:00
parent 07c2b5f525
commit 4f66db2682
4 changed files with 53 additions and 71 deletions
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -8,31 +8,39 @@ describe SessionsController do
  end

  describe 'POST create' do
-    context 'when the user submit invalid credentials' do
-      it 'renders the new template' do
-        User.stub(:authenticate).and_return(false)
-        post :create,
-          :session => Factory.attributes_for(:user)
-        response.should render_template('new')
-      end
+    let(:user) { Factory.create(:user) }
+
+    def do_create
+      post :create, :session => {
+        :email    => user.email,
+        :password => user.password
+      }
    end

-    context 'when the user submit valid credentials' do
-      let(:user) { Factory.create(:user) }
-      before do
-        User.stub(:authenticate).and_return(user)
-      end
-
+    context 'with valid credentials' do
      it 'signs the user in' do
-        post :create, :session => Factory.attributes_for(:user)
+        do_create
        controller.current_user.should == user
      end

      it 'redirects to the home page' do
-        post :create, :session => Factory.attributes_for(:user)
+        do_create
        response.should redirect_to(:root)
      end
    end
+
+    [:email, :password].each do |attr|
+      context "with invalid credentials (#{attr})" do
+        before do
+          user.stub(attr => user.send(attr) + '_INVALID')
+        end
+
+        it 'renders the new template' do
+          do_create
+          response.should render_template('new')
+        end
+      end
+    end
  end

  describe 'DELETE destroy' do
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -16,49 +16,39 @@ describe User do
    it { should_not be_valid }
  end

-  context 'when password empty' do
-    before do
-      user.password = ''
-    end
-
-    it { should_not be_valid }
-  end
-
  context 'when password_confirmation does not match password' do
    before do
-      user.password_confirmation = 'WRONG'
+      user.password_confirmation = user.password + 'INVALID'
    end

    it { should_not be_valid }
  end

-  describe '#hash_password' do
-    it 'is received when #save is sent' do
-      user.should_receive(:hash_password)
-      user.save
+  context 'when password_hash empty' do
+    before do
+      user.password_hash = ''
    end

-    it 'stores a bcrypt hash of the password' do
-      user.save
+    it { should_not be_valid }
+  end
+
+  describe '#password=' do
+    it 'stores a bcrypt hash of the password in password_hash' do
      BCrypt::Password.new(user.password_hash).should == user.password
    end
  end

-  describe '.authenticate' do
-    let (:user) { Factory.create(:user) }
-
-    it 'returns the user with valid credentials' do
-      User.authenticate(
-        user.email,
-        user.password
-      ).should == user
+  describe '#authenticate?' do
+    context 'with a valid password' do
+      it 'returns true' do
+        user.authenticate?(user.password).should be_true
+      end
    end

-    it 'returns false with invalid credentials' do
-      User.authenticate(
-        user.email,
-        'WRONG'
-      ).should be_false
+    context 'with an invalid password' do
+      it 'returns false' do
+        user.authenticate?(user.password + '_INVALID').should be_false
+      end
    end
  end
 end