| @@ -188,12 +188,12 class AccountController < ApplicationController | |||||
| 188 |
|
188 | |||
| 189 | private |
|
189 | private | |
| 190 | def logged_user=(user) |
|
190 | def logged_user=(user) | |
|
|
191 | reset_session | |||
| 191 | if user && user.is_a?(User) |
|
192 | if user && user.is_a?(User) | |
| 192 | User.current = user |
|
193 | User.current = user | |
| 193 | session[:user_id] = user.id |
|
194 | session[:user_id] = user.id | |
| 194 | else |
|
195 | else | |
| 195 | User.current = User.anonymous |
|
196 | User.current = User.anonymous | |
| 196 | session[:user_id] = nil |
|
|||
| 197 | end |
|
197 | end | |
| 198 | end |
|
198 | end | |
| 199 | end |
|
199 | end | |
| @@ -147,6 +147,24 class AccountTest < ActionController::IntegrationTest | |||||
| 147 | assert user.hashed_password.blank? |
|
147 | assert user.hashed_password.blank? | |
| 148 | end |
|
148 | end | |
| 149 |
|
149 | |||
|
|
150 | def test_login_and_logout_should_clear_session | |||
|
|
151 | get '/login' | |||
|
|
152 | sid = session.session_id | |||
|
|
153 | ||||
|
|
154 | post '/login', :username => 'admin', :password => 'admin' | |||
|
|
155 | assert_redirected_to 'my/page' | |||
|
|
156 | assert_not_equal sid, session.session_id, "login should reset session" | |||
|
|
157 | assert_equal 1, session[:user_id] | |||
|
|
158 | sid = session.session_id | |||
|
|
159 | ||||
|
|
160 | get '/' | |||
|
|
161 | assert_equal sid, session.session_id | |||
|
|
162 | ||||
|
|
163 | get '/logout' | |||
|
|
164 | assert_not_equal sid, session.session_id, "logout should reset session" | |||
|
|
165 | assert_nil session[:user_id] | |||
|
|
166 | end | |||
|
|
167 | ||||
| 150 | else |
|
168 | else | |
| 151 | puts 'Mocha is missing. Skipping tests.' |
|
169 | puts 'Mocha is missing. Skipping tests.' | |
| 152 | end |
|
170 | end | |
General Comments 0
You need to be logged in to leave comments.
Login now