Ado
3 results

 view release on metacpan or  search on metacpan

t/plugin/auth-01.t  view on Meta::CPAN 


#user is Guest
  ->text_is('article.ui.main.container h1' => 'Hello Guest,');

#same form is at /login/:auth_method
my $test_auth_url = $t->ua->server->url->path('/test/authenticateduser');
$t->get_ok('/login/ado', {Referer => $test_auth_url})->status_is(200)
  ->element_exists('section.ui.login_form form#login_form')
  ->text_like('form#login_form .ui.header:nth-child(1)' => qr'Sign in')
  ->element_exists('#login_name')->element_exists('#login_password');

#try unexisting login method
my $help_url = $t->ua->server->url->path('/help');
$t->get_ok('/login/alabala', {Referer => $help_url})->status_is(401)
  ->element_exists_not('input[name="_method"][checked="checked"]');
$t->post_ok('/login/alabala', {Referer => $help_url})->status_is(401)
  ->text_like('.ui.error.message' => qr/of the supported login methods/);

#try condition (redirects to /login url)
my $login_url =
  $t->get_ok('/test/authenticateduser')->status_is(302)->header_like('Location' => qr|/login$|)
  ->tx->res->headers->header('Location');

#login after following the Location header (redirect)
$t->get_ok($login_url);

#get the csrf fields
my $form       = $t->tx->res->dom->at('#login_form');
my $csrf_token = $form->at('[name="csrf_token"]')->{value};
my $form_hash  = {
    _method        => 'login/ado',
    login_name     => 'test1',
    login_password => '',
    csrf_token     => $csrf_token,
    digest => Mojo::Util::sha1_hex($csrf_token . Mojo::Util::sha1_hex('test1' . 'wrong_pass')),
};
$t->post_ok($login_url => {} => form => $form_hash)->status_is(401);

#try with wrong (unchanged) csrf token
$t->post_ok($login_url => {DNT => 1} => form => $form_hash)->status_is(403, 'Wrong csrf_token')
  ;    #403 Forbidden

#try with no user passed
$t->get_ok($login_url);
delete $form_hash->{login_name};
$form_hash->{csrf_token} = $t->tx->res->dom->at('#login_form [name="csrf_token"]')->{value};
$form_hash->{digest} =
  Mojo::Util::sha1_hex($form_hash->{csrf_token} . Mojo::Util::sha1_hex('' . 'wrong_pass'));
$t->post_ok($login_url => {} => form => $form_hash)->status_is(401, 'No login_name');

#try with no data
$t->post_ok($login_url)->status_is(401, 'No $val->has_data');

#try with unexisting user
$t->get_ok($login_url);
$form_hash->{login_name} = 'alabala';
$form_hash->{csrf_token} = $t->tx->res->dom->at('#login_form [name="csrf_token"]')->{value};
$form_hash->{digest} =
  Mojo::Util::sha1_hex($form_hash->{csrf_token} . Mojo::Util::sha1_hex('' . 'wrong_pass'));
$t->post_ok($login_url => {} => form => $form_hash)->status_is(401, 'No such user $login_name')
  ->text_like('#error_login',      qr'Wrong credentials! Please try again!')
  ->text_like('#error_login_name', qr"No such user '$form_hash->{login_name}'!");

done_testing;

 view all matches for this distribution
 view release on metacpan -  search on metacpan

( run in 0.508 second using v1.00-cache-2.02-grep-82fe00e-cpan-2c419f77a38b )