[rspec-users] Tests that require a logged in user / session cookie

Justin Ko jko170 at gmail.com
Thu Aug 25 10:15:37 EDT 2011


On Thu, Aug 25, 2011 at 7:38 AM, Matthias Siegel
<matthiassiegel at gmail.com>wrote:

>
> On 25/08/2011, at 11:10 AM, Justin Ko wrote:
>
>
>
> On Wed, Aug 24, 2011 at 6:40 PM, Matthias Siegel <matthiassiegel at gmail.com
> > wrote:
>
>> Hi,
>>
>> I'm fairly new to RSpec with Rails and I'm trying to work out how I can
>> write request specs for resources that require a logged in user.
>>
>> I can't get this one to pass:
>>
>>
>> describe "GET /admin/account" do
>>
>>  it "should have a 200 status code when logged in" do
>>    post "/login", { :email => @user.email, :password => @user.password }
>>    response.should redirect_to("/admin")
>>    response.code.should eq("302")
>>    get "/admin/account"
>>    response.code.should eq("200")
>>  end
>>
>> end
>>
>>
>> The login post part works fine and the session gets created correctly in
>> the login method, but then the test fails at 'get "/admin/account"' because
>> the session suddenly is empty.
>>
>> I have tried another approach where I set the session manually, to
>> simulate a logged in user:
>>
>>
>> describe "GET /admin/account" do
>>
>>  it "should have a 200 status code when logged in" do
>>    session[:user_id] ||= @user.id
>>    get "/admin/account"
>>    response.code.should eq("200")
>>  end
>>
>> end
>>
>>
>> But again the session arrives empty in my authorisation method when trying
>> 'get "/admin/account"'.
>>
>> My guess is that it fails because the session relies on cookies and in
>> test mode there obviously is no browser and no cookie.
>> Are there ways to simulate a logged in user in an app that creates
>> sessions with cookies?
>>
>> Thanks for any suggestions
>>
>
> What you are doing *should* work. Are there any before_filters altering the
> session? Maybe a gem doing it? Maybe you have an admin namespace that
> calls/uses a different session?
>
>
>
> I have an admin namespace, but does that effect the normal 'session' object
> in any way?
>
> I've done some more tests and setting the session in the RSpec code via
> session[:user_id] =|| @user.id definitely works, however when the GET
> request starts, the session is empty in the application_controller before
> anything else is executed. I still can't figure out where the session gets
> lost between RSpec and the app. I reduced the gems to a minimum set of
> Rails, Mongoid, BCrypt, Mail, RSpec, Cucumber and Factory_Girl, but didn't
> make a difference.
>
> Forgery protection is disabled for test environment.
>
> _______________________________________________
> rspec-users mailing list
> rspec-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/rspec-users


I assume you're on the latest version of Rails and RSpec?

Also, I'm going to need to see some code. The spec and the controller action
(and before_filter).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/rspec-users/attachments/20110825/de7012ac/attachment.html>


More information about the rspec-users mailing list