[rspec-users] post authentication token
mark.thomson at ieee.org
Tue Oct 7 08:36:14 EDT 2008
Hmm, thanks. Still not sure if I'm diagnosing my problem correctly. Just
to be clear, I don't have any user authentication going on, just a
regular Rails button_to call. I tried installing webrat and put "visits
'/' " in my "given" step and "clicks_button" in my "when" step. However
I get an error from my_story.rb - "No such file or directory - open
Presumably my issue would also apply in posting a form in a regular
Rails integration test. The example on pp207-208 of AWDR doesn't
suggest that anything needs to be done in a post call to achieve session
authentication. And I see here -
that forgery protection is actually turned off in testing - which I've
confirmed in my config/environments/test.rb. So maybe I have some other
problem causing my response test to fail. Any other suggestions would be
Matt Wynne wrote:
> This is actually a pretty tough problem for a newbie, and sent me
> reeling away from the story runner with my gumption in tatters the
> first time I tried it.
> You could probably figure out how to post an authentication token in
> the HTTP headers if you use the basic underlying rails integration
> session method post(), but you may be better off just walking through
> the steps a real user would carry out in order to log in:
> Given /logged in/ do
> visits "/login"
> fills_in :username, "Matt"
> fills_in :password, "secret"
> This is what we do, and though instinctively it feels a little bit
> slow and clunky to do this at the top of every scenario that requires
> the user to be authenticated, in practice it's working fine for us,
> and I actually find it rather nice to know you're only vaguely coupled
> to the implementation.
> Note that these steps above use the 'webrat' library which is the
> de-facto way to talk to your rails app from feature steps.
> On 7 Oct 2008, at 02:52, Mark Thomson wrote:
>> Hi, I have a simple story that involves the user clicking a button
>> and a new page being rendered. Seems like a simple situation, but
>> it's testing my limited knowledge. The problem I have is my response
>> test is failing, and I'm guessing it's because the button click is
>> meant to submit a post request with an authentication token, which
>> would therefore have to be included in the post call in my scenario's
>> "when" step. My question is how do I go about determining the
>> required value of the authentication_token? Or am I just really
>> rspec-users mailing list
>> rspec-users at rubyforge.org
> rspec-users mailing list
> rspec-users at rubyforge.org
More information about the rspec-users