[rspec-users] Tests that require a logged in user / session cookie

Matthias Siegel matthiassiegel at gmail.com
Thu Aug 25 09:38:33 EDT 2011 

On 25/08/2011, at 11:10 AM, Justin Ko wrote:

> 
> 
> On Wed, Aug 24, 2011 at 6:40 PM, Matthias Siegel <matthiassiegel at gmail.com> wrote:
> Hi,
> 
> I'm fairly new to RSpec with Rails and I'm trying to work out how I can write request specs for resources that require a logged in user.
> 
> I can't get this one to pass:
> 
> 
> describe "GET /admin/account" do
> 
>  it "should have a 200 status code when logged in" do
>    post "/login", { :email => @user.email, :password => @user.password }
>    response.should redirect_to("/admin")
>    response.code.should eq("302")
>    get "/admin/account"
>    response.code.should eq("200")
>  end
> 
> end
> 
> 
> The login post part works fine and the session gets created correctly in the login method, but then the test fails at 'get "/admin/account"' because the session suddenly is empty.
> 
> I have tried another approach where I set the session manually, to simulate a logged in user:
> 
> 
> describe "GET /admin/account" do
> 
>  it "should have a 200 status code when logged in" do
>    session[:user_id] ||= @user.id
>    get "/admin/account"
>    response.code.should eq("200")
>  end
> 
> end
> 
> 
> But again the session arrives empty in my authorisation method when trying 'get "/admin/account"'.
> 
> My guess is that it fails because the session relies on cookies and in test mode there obviously is no browser and no cookie.
> Are there ways to simulate a logged in user in an app that creates sessions with cookies?
> 
> Thanks for any suggestions
> 
> What you are doing *should* work. Are there any before_filters altering the session? Maybe a gem doing it? Maybe you have an admin namespace that calls/uses a different session?


I have an admin namespace, but does that effect the normal 'session' object in any way?

I've done some more tests and setting the session in the RSpec code via session[:user_id] =|| @user.id definitely works, however when the GET request starts, the session is empty in the application_controller before anything else is executed. I still can't figure out where the session gets lost between RSpec and the app. I reduced the gems to a minimum set of Rails, Mongoid, BCrypt, Mail, RSpec, Cucumber and Factory_Girl, but didn't make a difference.

Forgery protection is disabled for test environment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/rspec-users/attachments/20110825/291d0e5c/attachment-0001.html>

More information about the rspec-users mailing list