diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-25 00:06:14 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-25 00:06:14 +0000 |
commit | 6d43720a1a86ccca9618417a6d0415e7d522fa49 (patch) | |
tree | ceab63f6374252b8afe4913b949bae39a027366f /spec/features/users | |
parent | 46bfa73d93786bc2a832be7e42e2119712a0bafb (diff) | |
download | gitlab-ce-6d43720a1a86ccca9618417a6d0415e7d522fa49.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/features/users')
-rw-r--r-- | spec/features/users/anonymous_sessions_spec.rb | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/spec/features/users/anonymous_sessions_spec.rb b/spec/features/users/anonymous_sessions_spec.rb new file mode 100644 index 00000000000..e87ee39a3f4 --- /dev/null +++ b/spec/features/users/anonymous_sessions_spec.rb @@ -0,0 +1,41 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe 'Session TTLs', :clean_gitlab_redis_shared_state do + it 'creates a session with a short TTL when login fails' do + visit new_user_session_path + # The session key only gets created after a post + fill_in 'user_login', with: 'non-existant@gitlab.org' + fill_in 'user_password', with: '12345678' + click_button 'Sign in' + + expect(page).to have_content('Invalid Login or password') + + expect_single_session_with_expiration(Settings.gitlab['unauthenticated_session_expire_delay']) + end + + it 'increases the TTL when the login succeeds' do + user = create(:user) + gitlab_sign_in(user) + + expect(page).to have_content(user.name) + + expect_single_session_with_expiration(Settings.gitlab['session_expire_delay'] * 60) + end + + def expect_single_session_with_expiration(expiration) + session_keys = get_session_keys + + expect(session_keys.size).to eq(1) + expect(get_ttl(session_keys.first)).to eq expiration + end + + def get_session_keys + Gitlab::Redis::SharedState.with { |redis| redis.scan_each(match: 'session:gitlab:*').to_a } + end + + def get_ttl(key) + Gitlab::Redis::SharedState.with { |redis| redis.ttl(key) } + end +end |