sample_rails_tailwind/test/integration/password_resets_test.rb

require "test_helper"

class PasswordResetsTest < ActionDispatch::IntegrationTest
  def setup
    ActionMailer::Base.deliveries.clear
    @user = users(:michael)
  end

  test "password reset" do
    get new_password_reset_path
    assert_template "password_resets/new"
    assert_select "input[name=?]", "password_reset[email]"
    # email is invalid
    post password_resets_path, params: { password_reset: { email: "" } }
    assert_not flash.empty?
    assert_template "password_resets/new"
    # email is valid
    post password_resets_path,
         params: { password_reset: { email: @user.email } }
    assert_not_equal @user.reset_digest, @user.reload.reset_digest
    assert_equal 1, ActionMailer::Base.deliveries.size
    assert_not flash.empty?
    assert_redirected_to root_url
    # password reset form
    user = assigns(:user)
    # email is error
    get edit_password_reset_path(user.reset_token, email: "")
    assert_redirected_to root_url
    # user is inactivated
    user.toggle!(:activated)
    get edit_password_reset_path(user.reset_token, email: user.email)
    assert_redirected_to root_url
    user.toggle!(:activated)
    # email is right, token is wrong
    get edit_password_reset_path("wrong token", email: user.email)
    assert_redirected_to root_url
    # email is right, token is right
    get edit_password_reset_path(user.reset_token, email: user.email)
    assert_template "password_resets/edit"
    assert_select "input[name=email][type=hidden][value=?]", user.email
    # password is not patch
    patch password_reset_path(user.reset_token),
          params: { email: user.email,
                    user: { password:              "foobaz",
                            password_confirmation: "barquux" } }
    assert_select "div#error_explanation"
    # password is empty
    patch password_reset_path(user.reset_token),
          params: { email: user.email,
                    user: { password:              "",
                            password_confirmation: "" } }
    assert_select "div#error_explanation"
    # password and password_confirmation is valid
    patch password_reset_path(user.reset_token),
          params: { email: user.email,
                    user: { password:              "foobaz",
                            password_confirmation: "foobaz" } }
    assert is_logged_in?
    assert_not flash.empty?
    assert_redirected_to user
    assert_nil user.reload.reset_digest
  end

  test "expired token" do
    get new_password_reset_path
    post password_resets_path,
         params: { password_reset: { email: @user.email } }

    @user = assigns(:user)
    @user.update_attribute(:reset_send_at, 3.hour.ago)
    patch password_reset_path(@user.reset_token),
          params: { email: @user.email,
                    user: { password: "foobar",
                            password_confirmation: "foobar" } }
    assert_response :redirect
    follow_redirect!
    assert_match "expired", response.body
  end
end
feat: add password reset functionality - Implement password reset request and form - Add user validation and expiration checks - Create integration tests for password reset process This commit introduces a complete password reset feature, allowing users to reset their passwords securely. It includes necessary validations to ensure the user is valid and the reset token has not expired. Additionally, integration tests have been added to verify the functionality and edge cases, enhancing overall application security and user experience. 2025-01-08 11:44:42 +08:00			`require "test_helper"`

			`class PasswordResetsTest < ActionDispatch::IntegrationTest`
			`def setup`
			`ActionMailer::Base.deliveries.clear`
			`@user = users(:michael)`
			`end`

			`test "password reset" do`
			`get new_password_reset_path`
			`assert_template "password_resets/new"`
			`assert_select "input[name=?]", "password_reset[email]"`
			`# email is invalid`
			`post password_resets_path, params: { password_reset: { email: "" } }`
			`assert_not flash.empty?`
			`assert_template "password_resets/new"`
			`# email is valid`
			`post password_resets_path,`
			`params: { password_reset: { email: @user.email } }`
			`assert_not_equal @user.reset_digest, @user.reload.reset_digest`
			`assert_equal 1, ActionMailer::Base.deliveries.size`
			`assert_not flash.empty?`
			`assert_redirected_to root_url`
			`# password reset form`
			`user = assigns(:user)`
			`# email is error`
			`get edit_password_reset_path(user.reset_token, email: "")`
			`assert_redirected_to root_url`
			`# user is inactivated`
			`user.toggle!(:activated)`
			`get edit_password_reset_path(user.reset_token, email: user.email)`
			`assert_redirected_to root_url`
			`user.toggle!(:activated)`
			`# email is right, token is wrong`
			`get edit_password_reset_path("wrong token", email: user.email)`
			`assert_redirected_to root_url`
			`# email is right, token is right`
			`get edit_password_reset_path(user.reset_token, email: user.email)`
			`assert_template "password_resets/edit"`
			`assert_select "input[name=email][type=hidden][value=?]", user.email`
			`# password is not patch`
			`patch password_reset_path(user.reset_token),`
			`params: { email: user.email,`
			`user: { password: "foobaz",`
			`password_confirmation: "barquux" } }`
			`assert_select "div#error_explanation"`
			`# password is empty`
			`patch password_reset_path(user.reset_token),`
			`params: { email: user.email,`
			`user: { password: "",`
			`password_confirmation: "" } }`
			`assert_select "div#error_explanation"`
			`# password and password_confirmation is valid`
			`patch password_reset_path(user.reset_token),`
			`params: { email: user.email,`
			`user: { password: "foobaz",`
			`password_confirmation: "foobaz" } }`
			`assert is_logged_in?`
			`assert_not flash.empty?`
			`assert_redirected_to user`
			`assert_nil user.reload.reset_digest`
			`end`

			`test "expired token" do`
			`get new_password_reset_path`
			`post password_resets_path,`
			`params: { password_reset: { email: @user.email } }`

			`@user = assigns(:user)`
			`@user.update_attribute(:reset_send_at, 3.hour.ago)`
			`patch password_reset_path(@user.reset_token),`
			`params: { email: @user.email,`
			`user: { password: "foobar",`
			`password_confirmation: "foobar" } }`
			`assert_response :redirect`
			`follow_redirect!`
			`assert_match "expired", response.body`
			`end`
			`end`