Commit 6bfc355e authored by Timothy Andrew's avatar Timothy Andrew

Test the "Remember Me" flow for OAuth-based login.

parent dd926401
...@@ -19,7 +19,7 @@ feature 'OAuth Login', feature: true, js: true do ...@@ -19,7 +19,7 @@ feature 'OAuth Login', feature: true, js: true do
providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, :facebook] providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, :facebook]
before do before do
OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') } OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(/#{request['REQUEST_PATH']}.*/, '') }
messages = { messages = {
enabled: true, enabled: true,
...@@ -39,7 +39,6 @@ feature 'OAuth Login', feature: true, js: true do ...@@ -39,7 +39,6 @@ feature 'OAuth Login', feature: true, js: true do
login_via(provider.to_s, user, 'my-uid') login_via(provider.to_s, user, 'my-uid')
expect(current_path).to eq root_path expect(current_path).to eq root_path
save_screenshot
end end
end end
...@@ -53,6 +52,64 @@ feature 'OAuth Login', feature: true, js: true do ...@@ -53,6 +52,64 @@ feature 'OAuth Login', feature: true, js: true do
expect(current_path).to eq root_path expect(current_path).to eq root_path
end end
end end
context 'when "remember me" is checked' do
context "when two-factor authentication is disabled" do
it 'remembers the user after a browser restart' do
stub_omniauth_config(provider)
user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s)
login_via(provider.to_s, user, 'my-uid', remember_me: true)
restart_browser
visit(root_path)
expect(current_path).to eq root_path
end
end
context "when two-factor authentication is enabled" do
it 'remembers the user after a browser restart' do
stub_omniauth_config(provider)
user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s)
login_via(provider.to_s, user, 'my-uid', remember_me: true)
enter_code(user.current_otp)
restart_browser
visit(root_path)
expect(current_path).to eq root_path
end
end
end
context 'when "remember me" is not checked' do
context "when two-factor authentication is disabled" do
it 'does not remember the user after a browser restart' do
stub_omniauth_config(provider)
user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s)
login_via(provider.to_s, user, 'my-uid', remember_me: false)
restart_browser
visit(root_path)
expect(current_path).to eq new_user_session_path
end
end
context "when two-factor authentication is enabled" do
it 'remembers the user after a browser restart' do
stub_omniauth_config(provider)
user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s)
login_via(provider.to_s, user, 'my-uid', remember_me: false)
enter_code(user.current_otp)
restart_browser
visit(root_path)
expect(current_path).to eq new_user_session_path
end
end
end
end end
end end
end end
...@@ -35,6 +35,11 @@ module CapybaraHelpers ...@@ -35,6 +35,11 @@ module CapybaraHelpers
visit 'about:blank' visit 'about:blank'
visit url visit url
end end
# Simulate a browser restart by clearing the session cookie.
def restart_browser
page.driver.remove_cookie('_gitlab_session')
end
end end
RSpec.configure do |config| RSpec.configure do |config|
......
...@@ -62,10 +62,13 @@ module LoginHelpers ...@@ -62,10 +62,13 @@ module LoginHelpers
Thread.current[:current_user] = user Thread.current[:current_user] = user
end end
def login_via(provider, user, uid) def login_via(provider, user, uid, remember_me: false)
mock_auth_hash(provider, uid, user.email) mock_auth_hash(provider, uid, user.email)
visit new_user_session_path visit new_user_session_path
expect(page).to have_content('Sign in with') expect(page).to have_content('Sign in with')
check "Remember Me" if remember_me
click_link "oauth-login-#{provider}" click_link "oauth-login-#{provider}"
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment