Diffstat (limited to 'spec/features/users/login_spec.rb')
-rw-r--r-- | spec/features/users/login_spec.rb | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/spec/features/users/login_spec.rb b/spec/features/users/login_spec.rb
index 3ba3650b608..b875dbe1340 100644
--- a/spec/features/users/login_spec.rb
+++ b/spec/features/users/login_spec.rb
@@ -49,15 +49,15 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 expect(page).to have_current_path edit_user_password_path, ignore_query: true
 expect(page).to have_content('Please create a password for your new account.')
- fill_in 'user_password', with: 'password'
- fill_in 'user_password_confirmation', with: 'password'
+ fill_in 'user_password', with: user.password
+ fill_in 'user_password_confirmation', with: user.password
 click_button 'Change your password'
 expect(page).to have_current_path new_user_session_path, ignore_query: true
 expect(page).to have_content(I18n.t('devise.passwords.updated_not_active'))
 fill_in 'user_login', with: user.username
- fill_in 'user_password', with: 'password'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
 expect_single_session_with_authenticated_ttl
@@ -216,7 +216,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 before do
 gitlab_sign_in(user, remember: true)
- expect(page).to have_content('Two-Factor Authentication')
+ expect(page).to have_content('Two-factor authentication code')
 end
 it 'does not show a "You are already signed in." error message' do
@@ -231,7 +231,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 end
 it 'does not allow sign-in if the user password is updated before entering a one-time code' do
- user.update!(password: 'new_password')
+ user.update!(password: User.random_password)
 enter_code(user.current_otp)
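Review bot: In the hunk at line 49, the password-creation step now submits `user.password` as the new password and then signs in with the same value, so if the factory already stored that value on the record, the example would still pass when 'Change your password' fails to persist anything. The old literal `'password'` was presumably different from the factory default (other hunks replace `'12345678'`), which is what made the later sign-in prove the change. Consider `new_password = User.random_password` before the first `fill_in` and `with: new_password` on the three password fields, as the hunk at line 907 does. The example's setup is outside the hunk, so confirm how `user` is created there.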
@@ -365,7 +365,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 end
 context 'when logging in via OAuth' do
- let(:user) { create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml')}
+ let(:user) { create(:omniauth_user, :two_factor, extern_uid: 'my-uid', provider: 'saml') }
 let(:mock_saml_response) do
 File.read('spec/fixtures/authentication/saml_response.xml')
 end
@@ -407,7 +407,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 sign_in_using_saml!
- expect(page).to have_content('Two-Factor Authentication')
+ expect(page).to have_content('Two-factor authentication code')
 enter_code(user.current_otp)
@@ -468,7 +468,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
 expect(page).to have_current_path(new_profile_password_path, ignore_query: true)
@@ -477,14 +477,14 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 end
 context 'with invalid username and password' do
- let(:user) { create(:user, password: 'not-the-default') }
+ let(:user) { create(:user) }
 it 'blocks invalid login' do
 expect(authentication_metrics)
 .to increment(:user_unauthenticated_counter)
 .and increment(:user_password_invalid_counter)
- gitlab_sign_in(user)
+ gitlab_sign_in(user, password: 'incorrect-password')
 expect_single_session_with_short_ttl
 expect(page).to have_content('Invalid login or password.')
@@ -788,7 +788,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
@@ -809,7 +809,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
@@ -830,7 +830,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
@@ -873,7 +873,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
 fill_in 'user_otp_attempt', with: user.reload.current_otp
@@ -899,7 +899,7 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 visit new_user_session_path
 fill_in 'user_login', with: user.email
- fill_in 'user_password', with: '12345678'
+ fill_in 'user_password', with: user.password
 click_button 'Sign in'
 expect_to_be_on_terms_page
@@ -907,9 +907,11 @@ RSpec.describe 'Login', :clean_gitlab_redis_sessions do
 expect(page).to have_current_path(new_profile_password_path, ignore_query: true)
- fill_in 'user_password', with: '12345678'
- fill_in 'user_new_password', with: 'new password'
- fill_in 'user_password_confirmation', with: 'new password'
+ new_password = User.random_password
+
+ fill_in 'user_password', with: user.password
+ fill_in 'user_new_password', with: new_password
+ fill_in 'user_password_confirmation', with: new_password
 click_button 'Set new password'
 expect(page).to have_content('Password successfully changed') |
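Review bot: In the hunk at line 907, the only visible check after 'Set new password' is the flash text, so nothing here shows that `new_password` actually replaced the old credential on the record. Unless the rest of the example, which continues past the hunk, already covers it, add `expect(user.reload.valid_password?(new_password)).to be(true)` after the flash assertion. Because `new_password` is random, a one-line comment such as `# random value: must differ from the factory password` would also document why the literal was dropped.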