Test the "Remember Me" flow for OAuth-based login.

2017-06-15 04:40:47 +00:00 · 2017-06-15 04:40:47 +00:00 · 43337c120d
commit 43337c120d
parent e936db963e
3 changed files with 68 additions and 3 deletions
--- a/spec/features/oauth_login_spec.rb
+++ b/spec/features/oauth_login_spec.rb
@ -19,7 +19,7 @@ feature 'OAuth Login', feature: true, js: true do
  providers = [:github, :twitter, :bitbucket, :gitlab, :google_oauth2, :facebook]

  before do
-    OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(request['REQUEST_PATH'], '') }
+    OmniAuth.config.full_host = ->(request) { request['REQUEST_URI'].sub(/#{request['REQUEST_PATH']}.*/, '') }

    messages = {
      enabled: true,
@ -39,7 +39,6 @@ feature 'OAuth Login', feature: true, js: true do
          login_via(provider.to_s, user, 'my-uid')

          expect(current_path).to eq root_path
-          save_screenshot
        end
      end

@ -53,6 +52,64 @@ feature 'OAuth Login', feature: true, js: true do
          expect(current_path).to eq root_path
        end
      end
+
+      context 'when "remember me" is checked' do
+        context "when two-factor authentication is disabled" do
+          it 'remembers the user after a browser restart' do
+            stub_omniauth_config(provider)
+            user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s)
+            login_via(provider.to_s, user, 'my-uid', remember_me: true)
+
+            restart_browser
+
+            visit(root_path)
+            expect(current_path).to eq root_path
+          end
+        end
+
+        context "when two-factor authentication is enabled" do
+          it 'remembers the user after a browser restart' do
+            stub_omniauth_config(provider)
+            user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s)
+            login_via(provider.to_s, user, 'my-uid', remember_me: true)
+            enter_code(user.current_otp)
+
+            restart_browser
+
+            visit(root_path)
+            expect(current_path).to eq root_path
+          end
+        end
+      end
+
+      context 'when "remember me" is not checked' do
+        context "when two-factor authentication is disabled" do
+          it 'does not remember the user after a browser restart' do
+            stub_omniauth_config(provider)
+            user = create(:omniauth_user, extern_uid: 'my-uid', provider: provider.to_s)
+            login_via(provider.to_s, user, 'my-uid', remember_me: false)
+
+            restart_browser
+
+            visit(root_path)
+            expect(current_path).to eq new_user_session_path
+          end
+        end
+
+        context "when two-factor authentication is enabled" do
+          it 'remembers the user after a browser restart' do
+            stub_omniauth_config(provider)
+            user = create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: provider.to_s)
+            login_via(provider.to_s, user, 'my-uid', remember_me: false)
+            enter_code(user.current_otp)
+
+            restart_browser
+
+            visit(root_path)
+            expect(current_path).to eq new_user_session_path
+          end
+        end
+      end
    end
  end
 end
--- a/spec/support/capybara_helpers.rb
+++ b/spec/support/capybara_helpers.rb
@ -35,6 +35,11 @@ module CapybaraHelpers
    visit 'about:blank'
    visit url
  end
+
+  # Simulate a browser restart by clearing the session cookie.
+  def restart_browser
+    page.driver.remove_cookie('_gitlab_session')
+  end
 end

 RSpec.configure do |config|
--- a/spec/support/login_helpers.rb
+++ b/spec/support/login_helpers.rb
@ -62,10 +62,13 @@ module LoginHelpers
    Thread.current[:current_user] = user
  end

-  def login_via(provider, user, uid)
+  def login_via(provider, user, uid, remember_me: false)
    mock_auth_hash(provider, uid, user.email)
    visit new_user_session_path
    expect(page).to have_content('Sign in with')
+
+    check "Remember Me" if remember_me
+
    click_link "oauth-login-#{provider}"
  end