initial commit

2021-03-11 21:12:55 -05:00
commit c954fdc600
89 changed files with 20205 additions and 0 deletions
--- a/test/cannery_web/controllers/user_confirmation_controller_test.exs
+++ b/test/cannery_web/controllers/user_confirmation_controller_test.exs
@ -0,0 +1,94 @@
+defmodule CanneryWeb.UserConfirmationControllerTest do
+  use CanneryWeb.ConnCase, async: true
+
+  alias Cannery.Accounts
+  alias Cannery.Repo
+  import Cannery.AccountsFixtures
+
+  setup do
+    %{user: user_fixture()}
+  end
+
+  describe "GET /users/confirm" do
+    test "renders the confirmation page", %{conn: conn} do
+      conn = get(conn, Routes.user_confirmation_path(conn, :new))
+      response = html_response(conn, 200)
+      assert response =~ "<h1>Resend confirmation instructions</h1>"
+    end
+  end
+
+  describe "POST /users/confirm" do
+    @tag :capture_log
+    test "sends a new confirmation token", %{conn: conn, user: user} do
+      conn =
+        post(conn, Routes.user_confirmation_path(conn, :create), %{
+          "user" => %{"email" => user.email}
+        })
+
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :info) =~ "If your email is in our system"
+      assert Repo.get_by!(Accounts.UserToken, user_id: user.id).context == "confirm"
+    end
+
+    test "does not send confirmation token if User is confirmed", %{conn: conn, user: user} do
+      Repo.update!(Accounts.User.confirm_changeset(user))
+
+      conn =
+        post(conn, Routes.user_confirmation_path(conn, :create), %{
+          "user" => %{"email" => user.email}
+        })
+
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :info) =~ "If your email is in our system"
+      refute Repo.get_by(Accounts.UserToken, user_id: user.id)
+    end
+
+    test "does not send confirmation token if email is invalid", %{conn: conn} do
+      conn =
+        post(conn, Routes.user_confirmation_path(conn, :create), %{
+          "user" => %{"email" => "unknown@example.com"}
+        })
+
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :info) =~ "If your email is in our system"
+      assert Repo.all(Accounts.UserToken) == []
+    end
+  end
+
+  describe "GET /users/confirm/:token" do
+    test "confirms the given token once", %{conn: conn, user: user} do
+      token =
+        extract_user_token(fn url ->
+          Accounts.deliver_user_confirmation_instructions(user, url)
+        end)
+
+      conn = get(conn, Routes.user_confirmation_path(conn, :confirm, token))
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :info) =~ "User confirmed successfully"
+      assert Accounts.get_user!(user.id).confirmed_at
+      refute get_session(conn, :user_token)
+      assert Repo.all(Accounts.UserToken) == []
+
+      # When not logged in
+      conn = get(conn, Routes.user_confirmation_path(conn, :confirm, token))
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :error) =~ "User confirmation link is invalid or it has expired"
+
+      # When logged in
+      conn =
+        build_conn()
+        |> log_in_user(user)
+        |> get(Routes.user_confirmation_path(conn, :confirm, token))
+
+      assert redirected_to(conn) == "/"
+      refute get_flash(conn, :error)
+    end
+
+    test "does not confirm email with invalid token", %{conn: conn, user: user} do
+      conn = get(conn, Routes.user_confirmation_path(conn, :confirm, "oops"))
+      assert redirected_to(conn) == "/"
+      assert get_flash(conn, :error) =~ "User confirmation link is invalid or it has expired"
+      refute Accounts.get_user!(user.id).confirmed_at
+    end
+  end
+end