@@ -188,12 +188,12 class AccountController < ApplicationController | |||||
188 |
|
188 | |||
189 | private |
|
189 | private | |
190 | def logged_user=(user) |
|
190 | def logged_user=(user) | |
|
191 | reset_session | |||
191 | if user && user.is_a?(User) |
|
192 | if user && user.is_a?(User) | |
192 | User.current = user |
|
193 | User.current = user | |
193 | session[:user_id] = user.id |
|
194 | session[:user_id] = user.id | |
194 | else |
|
195 | else | |
195 | User.current = User.anonymous |
|
196 | User.current = User.anonymous | |
196 | session[:user_id] = nil |
|
|||
197 | end |
|
197 | end | |
198 | end |
|
198 | end | |
199 | end |
|
199 | end |
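Review bot: The `reset_session` call added as the first statement of `logged_user=` carries no comment, yet both its purpose and its position matter. It has to run before `session[:user_id] = user.id`, and the `else` branch now depends on it to drop the old `user_id`, since the explicit `session[:user_id] = nil` was removed. I would add `# Start a fresh session on every login and logout (session fixation); must stay ahead of the session[:user_id] write` above it. Because the reset discards everything stored in the session before authentication, any value a caller expects to survive login must be read before this setter runs; those callers are outside the hunk, so that is worth confirming.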
@@ -147,6 +147,24 class AccountTest < ActionController::IntegrationTest | |||||
147 | assert user.hashed_password.blank? |
|
147 | assert user.hashed_password.blank? | |
148 | end |
|
148 | end | |
149 |
|
149 | |||
|
150 | def test_login_and_logout_should_clear_session | |||
|
151 | get '/login' | |||
|
152 | sid = session.session_id | |||
|
153 | ||||
|
154 | post '/login', :username => 'admin', :password => 'admin' | |||
|
155 | assert_redirected_to 'my/page' | |||
|
156 | assert_not_equal sid, session.session_id, "login should reset session" | |||
|
157 | assert_equal 1, session[:user_id] | |||
|
158 | sid = session.session_id | |||
|
159 | ||||
|
160 | get '/' | |||
|
161 | assert_equal sid, session.session_id | |||
|
162 | ||||
|
163 | get '/logout' | |||
|
164 | assert_not_equal sid, session.session_id, "logout should reset session" | |||
|
165 | assert_nil session[:user_id] | |||
|
166 | end | |||
|
167 | ||||
150 | else |
|
168 | else | |
151 | puts 'Mocha is missing. Skipping tests.' |
|
169 | puts 'Mocha is missing. Skipping tests.' | |
152 | end |
|
170 | end |
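Review bot: `test_login_and_logout_should_clear_session` appears to sit in the branch that is skipped when Mocha is missing, because the `else` / `puts 'Mocha is missing. Skipping tests.'` lines follow it directly, although nothing in the test uses a mock. The opening condition is outside the hunk, so this is inferred. If it holds, the regression test for the session reset silently does not run on installs without Mocha, and moving the method above that conditional would keep it running everywhere. Separately, `assert_equal 1, session[:user_id]` hard-codes the admin fixture's id; taking the id from the fixture record would state the intent and survive fixture changes.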