debian-mirror-gitlab/spec/features/users/anonymous_sessions_spec.rb

40 lines
1.1 KiB
Ruby
Raw Normal View History

2019-12-26 22:10:19 +05:30
# frozen_string_literal: true
require 'spec_helper'
2023-03-04 22:38:38 +05:30
RSpec.describe 'Session TTLs', :clean_gitlab_redis_shared_state, feature_category: :system_access do
2021-11-11 11:23:49 +05:30
include SessionHelpers
2019-12-26 22:10:19 +05:30
it 'creates a session with a short TTL when login fails' do
visit new_user_session_path
# The session key only gets created after a post
fill_in 'user_login', with: 'non-existant@gitlab.org'
2022-04-01 21:47:47 +05:30
fill_in 'user_password', with: '12345678'
2019-12-26 22:10:19 +05:30
click_button 'Sign in'
2021-04-29 21:17:54 +05:30
expect(page).to have_content('Invalid login or password')
2019-12-26 22:10:19 +05:30
2021-11-11 11:23:49 +05:30
expect_single_session_with_short_ttl
2019-12-26 22:10:19 +05:30
end
it 'increases the TTL when the login succeeds' do
user = create(:user)
gitlab_sign_in(user)
expect(page).to have_content(user.name)
2021-11-11 11:23:49 +05:30
expect_single_session_with_authenticated_ttl
2019-12-26 22:10:19 +05:30
end
2021-11-11 11:23:49 +05:30
context 'with an unauthorized project' do
let_it_be(:project) { create(:project, :repository) }
2019-12-26 22:10:19 +05:30
2021-11-11 11:23:49 +05:30
it 'creates a session with a short TTL' do
visit project_raw_path(project, 'master/README.md')
2019-12-26 22:10:19 +05:30
2021-11-11 11:23:49 +05:30
expect_single_session_with_short_ttl
expect(page).to have_current_path(new_user_session_path)
end
2019-12-26 22:10:19 +05:30
end
end