Merge pull request #623 from AyuntamientoMadrid/letter-verification

Letter verification

app/assets/fonts/icons.svg

@@ -44,4 +44,5 @@
 <glyph glyph-name="blog" unicode="&#74;" d="M52 369c38 71 115 118 204 118 58 0 110-24 150-59-11 2-24 0-36-7-30-17-40-66-1-90 24-15 32-53 32-76-1-23-56-128-56-128l-54 184c0 0-2 13-2 17 0 4 2 10 5 13 2 3 5 7 8 7l26 0 0 21-139 0 0-21 5 0c4 0 9-6 13-10 5-6 11-25 19-45l20-67-43-100-48 200c0 0 2 14 5 16 1 2 4 6 8 6l1 0 0 21z m27-35c0 0-11 14-23 14l-12 0c-12-25-18-60-18-91 0-95 58-176 141-211z m375 36c5-20 4-46-5-73-22-72-77-202-99-252 81 36 136 116 136 209 0 43-11 82-32 116z m-193-194l-59-144c17-4 35-7 54-7 19 0 38 3 56 7z"/>
 <glyph glyph-name="box" unicode="&#73;" d="M311 274c0 5-2 10-6 13-3 4-7 6-12 6l-74 0c-5 0-9-2-12-6-4-3-6-8-6-13 0-5 2-9 6-13 3-3 7-5 12-5l74 0c5 0 9 2 12 5 4 4 6 8 6 13z m164 55l0-274c0-5-1-9-5-13-4-4-8-5-13-5l-402 0c-5 0-9 1-13 5-4 4-5 8-5 13l0 274c0 5 1 9 5 13 4 4 8 5 13 5l402 0c5 0 9-1 13-5 4-4 5-8 5-13z m19 128l0-73c0-5-2-9-6-13-3-3-8-5-13-5l-438 0c-5 0-10 2-13 5-4 4-6 8-6 13l0 73c0 5 2 9 6 13 3 4 8 5 13 5l438 0c5 0 10-1 13-5 4-4 6-8 6-13z"/>
 <glyph glyph-name="youtube" unicode="&#75;" d="M314 157l0-61c0-12-4-19-11-19-5 0-9 2-13 6l0 86c4 5 8 7 13 7 7 0 11-7 11-19z m97-1l0-13-26 0 0 13c0 13 4 20 13 20 8 0 13-7 13-20z m-276 63l30 0 0 26-89 0 0-26 30 0 0-163 29 0z m82-163l25 0 0 141-25 0 0-108c-6-8-11-12-16-12-4 0-6 2-6 6-1 1-1 4-1 10l0 104-25 0 0-112c0-9 1-16 2-20 2-7 8-11 17-11 9 0 19 6 29 17z m122 42l0 57c0 13 0 23-2 28-3 11-10 16-20 16-10 0-19-5-27-16l0 62-25 0 0-189 25 0 0 14c9-11 17-16 27-16 10 0 17 5 20 16 2 5 2 14 2 28z m97 3l0 4-26 0c0-10 0-16-1-18-1-6-5-10-11-10-9 0-13 7-13 20l0 25 51 0 0 29c0 15-3 26-8 33-7 10-17 15-30 15-13 0-23-5-31-15-5-7-8-18-8-33l0-49c0-15 3-26 9-33 7-10 17-15 31-15 13 0 24 5 30 15 4 5 6 10 6 16 1 1 1 7 1 16z m-174 261l0 60c0 13-4 20-12 20-8 0-12-7-12-20l0-60c0-13 4-20 12-20 8 0 12 7 12 20z m206-215c0-44-3-77-8-100-2-11-8-20-16-28-9-7-18-12-29-13-35-4-88-6-159-6-71 0-124 2-159 6-11 1-20 6-29 13-8 8-14 17-16 28-5 22-8 55-8 100 0 45 3 78 8 100 2 12 8 21 16 29 9 7 18 12 30 13 35 4 87 6 158 6 71 0 124-2 159-6 11-1 20-6 29-13 8-8 14-17 16-29 5-21 8-54 8-100z m-285 365l29 0-35-114 0-77-28 0 0 77c-3 14-9 34-18 61-7 19-13 37-18 53l30 0 20-75z m105-95l0-50c0-16-2-27-8-34-7-10-17-14-30-14-13 0-23 4-30 14-5 7-8 19-8 34l0 50c0 15 3 26 8 33 7 10 17 15 30 15 13 0 23-5 30-15 6-7 8-18 8-33z m96 46l0-142-26 0 0 15c-10-12-20-17-29-17-9 0-15 3-17 10-2 5-3 12-3 22l0 112 26 0 0-105c0-6 1-9 1-10 0-4 2-6 6-6 5 0 10 4 16 12l0 109z"/>
+<glyph glyph-name="letter" unicode="&#76;" d="M475 82l0 220c-6-7-12-13-19-19-51-39-92-72-122-97-10-8-18-14-24-19-6-4-14-9-24-14-11-4-21-7-30-7l0 0c-9 0-19 3-30 7-10 5-18 10-24 14-6 5-14 11-24 19-30 25-71 58-122 97-7 6-13 12-19 19l0-220c0-2 0-4 2-6 2-2 4-3 7-3l420 0c3 0 5 1 7 3 2 2 2 4 2 6z m0 301l0 7c0 0 0 1 0 3 0 3 0 4-1 4 0 0-1 1-1 2-1 2-2 3-3 3-1-1-2-1-4 0l-420 0c-3 0-5-1-7-2-2-2-2-4-2-7 0-32 14-59 42-81 36-29 75-59 114-91 1-1 5-3 10-8 6-5 10-8 13-11 4-2 8-5 13-9 5-3 10-6 14-8 5-1 9-2 13-2l0 0c4 0 8 1 13 2 4 2 9 5 14 8 5 4 9 7 13 9 3 3 7 6 13 11 5 5 9 7 10 8 39 32 78 62 114 91 11 8 20 19 29 33 9 14 13 26 13 38z m37 10l0-311c0-12-4-23-13-32-9-9-20-13-33-13l-420 0c-13 0-24 4-33 13-9 9-13 20-13 32l0 311c0 13 4 23 13 32 9 9 20 14 33 14l420 0c13 0 24-5 33-14 9-9 13-19 13-32z"/>
 </font></defs></svg>

app/assets/stylesheets/icons.scss

@@ -148,3 +148,6 @@
 .icon-youtube:before {
   content: "K";
 }
+.icon-letter:before {
+  content: "L";
+}

app/assets/stylesheets/layout.scss

@@ -1761,6 +1761,38 @@ table {
   }
 }
 
+.verify {
+  margin-bottom: rem-calc(48);
+  margin-top: rem-calc(24);
+
+  h1 {
+    color: $check;
+
+    .icon-check {
+      line-height: rem-calc(30);
+      vertical-align: middle;
+    }
+  }
+
+  .letter-divider {
+    border-top: 1px solid #DDDDDD;
+    clear: both;
+    height: 0;
+    margin: rem-calc(24) 0;
+    position: relative;
+
+    .icon-letter {
+      background: white;
+      color: $info-color;
+      font-size: rem-calc(24);
+      margin-left: rem-calc(-27);
+      padding: 0 rem-calc(12);
+      position: absolute;
+      top: rem-calc(-12);
+    }
+  }
+}
+
 // 18. Comments
 // - - - - - - - - - - - - - - - - - - - - - - - - -
 

app/controllers/application_controller.rb

@@ -103,6 +103,8 @@ class ApplicationController < ActionController::Base
     end
 
     def verify_verified!
-      redirect_to(account_path, notice: t('verification.redirect_notices.already_verified')) if current_user.level_three_verified?
+      if current_user.level_three_verified?
+        redirect_to(account_path, notice: t('verification.redirect_notices.already_verified'))
+      end
     end
 end

app/controllers/pages_controller.rb

@@ -46,6 +46,9 @@ class PagesController < ApplicationController
   def participation_world
   end
 
+  def verify
+  end
+
   def blog
     redirect_to "http://diario.madrid.es/participa/"
   end

app/controllers/verification/letter_controller.rb

@@ -1,9 +1,12 @@
 class Verification::LetterController < ApplicationController
-  before_action :authenticate_user!
+  before_action :authenticate_user!, except: [:edit, :update]
-  before_action :verify_resident!
+  before_action :login_via_form, only: :update
-  before_action :verify_phone!
+
-  before_action :verify_verified!
+  before_action :verify_resident!, if: :signed_in?
-  before_action :verify_lock
+  before_action :verify_phone!, if: :signed_in?
+  before_action :verify_verified!, if: :signed_in?
+  before_action :verify_lock, if: :signed_in?
+
   skip_authorization_check
 
   def new
@@ -13,20 +16,23 @@ class Verification::LetterController < ApplicationController
   def create
     @letter = Verification::Letter.new(user: current_user)
     @letter.save
-    redirect_to edit_letter_path
+    redirect_to letter_path
+  end
+
+  def show
   end
 
   def edit
-    @letter = Verification::Letter.new(user: current_user)
+    @letter = Verification::Letter.new
   end
 
   def update
-    @letter = Verification::Letter.new(letter_params.merge(user: current_user))
+    @letter = Verification::Letter.new(letter_params.merge(user: current_user, verify: true))
-    if @letter.verified?
+    if @letter.valid?
       current_user.update(verified_at: Time.now)
       redirect_to account_path, notice: t('verification.letter.update.flash.success')
     else
-      Lock.increase_tries(@letter.user)
+      Lock.increase_tries(@letter.user) if @letter.user
       render :edit
     end
   end
@@ -34,7 +40,7 @@ class Verification::LetterController < ApplicationController
   private
 
     def letter_params
-      params.require(:letter).permit(:verification_code)
+      params.require(:verification_letter).permit(:verification_code, :email, :password)
     end
 
     def verify_phone!
@@ -43,4 +49,12 @@ class Verification::LetterController < ApplicationController
       end
     end
 
+    def login_via_form
+      user = User.find_by email: letter_params[:email]
+      if user && user.valid_password?(letter_params[:password])
+        sign_in(user)
+      end
+    end
+
+
 end

app/models/verification/letter.rb

@@ -1,9 +1,14 @@
 class Verification::Letter
   include ActiveModel::Model
 
-  attr_accessor :user, :verification_code
+  attr_accessor :user, :verification_code, :email, :password, :verify
 
-  validates :user, presence: true
+  validates :email, presence: true
+  validates :password, presence: true
+  validates :verification_code, presence: true
+
+  validate :validate_existing_user
+  validate :validate_correct_code, if: :verify?
 
   def save
     valid? &&
@@ -14,20 +19,21 @@ class Verification::Letter
     user.update(letter_requested_at: Time.now, letter_verification_code: generate_verification_code)
   end
 
-  def verified?
+  def validate_existing_user
-    validate_letter_sent
+    unless user
-    validate_correct_code
+      errors.add(:email, I18n.t('devise.failure.invalid', authentication_keys: 'email'))
-    errors.blank?
     end
-
-  def validate_letter_sent
-    errors.add(:verification_code, I18n.t('verification.letter.errors.letter_not_sent')) unless
-    user.letter_sent_at.present?
   end
 
   def validate_correct_code
-    errors.add(:verification_code, I18n.t('verification.letter.errors.incorect_code')) unless
+    return if errors.include?(:verification_code)
-    user.letter_verification_code == verification_code
+    if user.try(:letter_verification_code) != verification_code
+      errors.add(:verification_code, I18n.t('verification.letter.errors.incorrect_code'))
+    end
+  end
+
+  def verify?
+    verify.present?
   end
 
   def increase_letter_verification_tries

app/views/pages/verify.html.erb

@@ -0,0 +1,27 @@
+<div class="row verify">
+  <div class="small-12 medium-8 small-centered column">
+    <div class="text-center">
+      <h1>
+        <i class="icon-check"></i>
+        <%= t("pages.verify.title") %>
+      </h1>
+
+      <p><%= t("pages.verify.info") %></p>
+    </div>
+
+    <div class="medium-6 small-centered column">
+      <form>
+        <label><%= t("pages.verify.email") %></label>
+        <input type="text" placeholder="<%= t("pages.verify.email") %>">
+
+        <label><%= t("pages.verify.password") %></label>
+        <input type="password" placeholder="<%= t("pages.verify.password") %>">
+
+        <label><%= t("pages.verify.code") %></label>
+        <input type="text" placeholder="<%= t("pages.verify.code") %>">
+
+        <input type="submit" value="<%= t("pages.verify.submit") %>" class="button radius success expand">
+      </form>
+    </div>
+  </div>
+</div>

app/views/verification/letter/edit.html.erb

@@ -1,22 +1,31 @@
-<div class="verification account row">
+<div class="row verify">
+  <div class="small-12 medium-9 large-6 small-centered column">
+    <div class="text-center">
+      <h1>
+        <i class="icon-check"></i>
+        <%= t("pages.verify.title") %>
+      </h1>
 
-  <%= link_to account_path, class: "left back clear" do %>
+      <p><%= t("pages.verify.info") %></p>
-    <i class="icon-angle-left left"></i>
-    <%= t("verification.back") %>
-  <% end %>
-
-  <div class="small-12 column">
-
-    <h1><%= t("verification.letter.edit.title") %></h1>
-
-    <div class="alert-box success radius clear margin-top">
-      <%= t("verification.letter.create.flash.success_html",
-          offices: link_to(t("verification.letter.create.flash.offices"),
-                           t("verification.letter.create.flash.offices_url"),
-                           target: "_blank")).html_safe
-      %>
     </div>
 
-    <%= link_to t("verification.letter.edit.see_all"), proposals_path, class: "button warning radius" %>
+    <div class="small-12 large-9 small-centered column">
+      <%= form_for @letter, url: letter_path, method: :patch do |f| %>
+        <%= f.text_field :email, label: t("pages.verify.email"), placeholder: t("pages.verify.email") %>
+        <%= f.password_field :password, label: t("pages.verify.password"), placeholder: t("pages.verify.password") %>
+
+        <p class="letter-divider text-center">
+          <i class="icon-letter"></i>
+        </p>
+
+        <p>
+          <%= t("pages.verify.info_code") %>
+        </p>
+
+        <%= f.text_field :verification_code, label: t("pages.verify.code"), placeholder: t("pages.verify.code") %>
+
+        <%= f.submit(class: "button radius success expand", value: t("pages.verify.submit")) %>
+      <% end %>
+    </div>
   </div>
 </div>

app/views/verification/letter/show.html.erb

@@ -0,0 +1,22 @@
+<div class="verification account row">
+
+  <%= link_to account_path, class: "left back clear" do %>
+    <i class="icon-angle-left left"></i>
+    <%= t("verification.back") %>
+  <% end %>
+
+  <div class="small-12 column">
+
+    <h1><%= t("verification.letter.edit.title") %></h1>
+
+    <div class="alert-box success radius clear margin-top">
+      <%= t("verification.letter.create.flash.success_html",
+          offices: link_to(t("verification.letter.create.flash.offices"),
+                           t("verification.letter.create.flash.offices_url"),
+                           target: "_blank")).html_safe
+      %>
+    </div>
+
+    <%= link_to t("verification.letter.edit.see_all"), proposals_path, class: "button warning radius" %>
+  </div>
+</div>

config/i18n-tasks.yml

@@ -96,6 +96,7 @@ ignore_missing:
   - 'unauthorized.*'
   - 'errors.messages.blank'
   - 'errors.messages.taken'
+  - 'devise.failure.invalid'
   - 'devise.registrations.destroyed'
 
 ## Consider these keys used:

config/locales/en.yml

@@ -71,6 +71,7 @@ en:
       debate: debate
       proposal: proposal
       verification::sms: phone
+      verification::letter: verification
   application:
     alert:
       only_beta_testers: "Sorry only Beta Testers are allowed access at the moment"

config/locales/es.yml

@@ -71,6 +71,7 @@ es:
       debate: el debate
       proposal: la propuesta
       verification::sms: el teléfono
+      verification::letter: la verificación
   application:
     alert:
       only_beta_testers: "Lo sentimos sólo los usuarios de pruebas tienen acceso de momento"

config/locales/pages.en.yml

@@ -19,3 +19,11 @@ en:
       "Transparency"
     opendata:
       "Open Data"
+    verify:
+      title: "Verify your account"
+      info: "For verufy your account introduce your access data:"
+      info_code: "Now introduce the code you received in letter:"
+      email: "Email"
+      password: "Password"
+      code: "Code you received in letter"
+      submit: "Verify my account"

config/locales/pages.es.yml

@@ -21,3 +21,11 @@ es:
       "Transparencia"
     opendata:
       "Datos abiertos"
+    verify:
+      title: "Verifica tu cuenta"
+      info: "Para verificar tu cuenta introduce los datos con los que te registraste:"
+      info_code: "Ahora introduce el código que has recibido en tu carta:"
+      email: "Email"
+      password: "Contraseña"
+      code: "Código que has recibido en tu carta"
+      submit: "Verificar mi cuenta"

config/locales/verification.en.yml

@@ -88,12 +88,11 @@ en:
         see_all: "See proposals"
       update:
         flash:
-          success: "Correct code. Your account is verified"
+          success: "Your account has been verified"
       alert:
         unconfirmed_code: "You have not yet enter the confirmation code"
       errors:
-        letter_not_sent: "We have not sent you the letter with the code yet"
+        incorrect_code: "Incorrect confirmation code"
-        incorect_code: "Incorrect confirmation code"
     verified_user:
       show:
         title: "Available information"

config/locales/verification.es.yml

@@ -88,12 +88,11 @@ es:
         see_all: "Ver propuestas"
       update:
         flash:
-          success: "Código correcto. Tu cuenta ya está verificada"
+          success: "Tu cuenta ya está verificada"
       alert:
         unconfirmed_code: "Todavía no has introducido el código de confirmación"
       errors:
-        letter_not_sent: "Aún no te hemos enviado la carta con el código"
+        incorrect_code: "Código de verificación incorrecto"
-        incorect_code: "Código de verificación incorrecto"
     verified_user:
       show:
         title: "Información disponible"

config/routes.rb

@@ -70,7 +70,7 @@ Rails.application.routes.draw do
     resource :sms, controller: "sms", only: [:new, :create, :edit, :update]
     resource :verified_user, controller: "verified_user", only: [:show]
     resource :email, controller: "email", only: [:new, :show, :create]
-    resource :letter, controller: "letter", only: [:new, :create, :edit, :update]
+    resource :letter, controller: "letter", only: [:new, :create, :show, :edit, :update]
   end
 
   namespace :admin do
@@ -272,5 +272,5 @@ Rails.application.routes.draw do
   get "/participation_world", to: "pages#participation_world"
   get "/blog", to: "pages#blog"
   get "/accessibility", to: "pages#accessibility"
-
+  get "/verifica", to: "verification/letter#edit"
 end

db/migrate/20151020112354_remove_letter_sent_at_from_users.rb

@@ -0,0 +1,5 @@
+class RemoveLetterSentAtFromUsers < ActiveRecord::Migration
+  def change
+    remove_column :users, :letter_sent_at, :datetime
+  end
+end

db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20151019133719) do
+ActiveRecord::Schema.define(version: 20151020112354) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -284,7 +284,6 @@ ActiveRecord::Schema.define(version: 20151019133719) do
     t.string   "document_number"
     t.string   "document_type"
     t.datetime "residence_verified_at"
-    t.datetime "letter_sent_at"
     t.string   "email_verification_token"
     t.datetime "verified_at"
     t.string   "unconfirmed_phone"

spec/factories.rb

@@ -79,6 +79,9 @@ FactoryGirl.define do
 
   factory :verification_letter, class: Verification::Letter do
     user
+    email 'user@madrid.es'
+    password '1234'
+    verification_code '5555'
   end
 
   factory :lock do

spec/features/verification/letter_spec.rb

@@ -2,10 +2,9 @@ require 'rails_helper'
 
 feature 'Verify Letter' do
 
-  scenario 'Verify' do
+  scenario 'Request a letter' do
     user = create(:user, residence_verified_at: Time.now,
-                         confirmed_phone:       "611111111",
+                         confirmed_phone:       "611111111")
-                         letter_sent_at:        1.day.ago)
 
     login_as(user)
     visit new_letter_path
@@ -17,8 +16,7 @@ feature 'Verify Letter' do
 
   scenario 'Go to office instead of send letter' do
     user = create(:user, residence_verified_at: Time.now,
-                         confirmed_phone:       "611111111",
+                         confirmed_phone:       "611111111")
-                         letter_sent_at:        1.day.ago)
 
     login_as(user)
     visit new_letter_path
@@ -26,19 +24,6 @@ feature 'Verify Letter' do
     expect(page).to have_link "Office of Citizen", href: "http://www.madrid.es/portales/munimadrid/es/Inicio/El-Ayuntamiento/Atencion-al-ciudadano/Oficinas-de-Atencion-al-Ciudadano?vgnextfmt=default&vgnextchannel=5b99cde2e09a4310VgnVCM1000000b205a0aRCRD"
   end
 
-  scenario 'Errors on verification code' do
-    user = create(:user, residence_verified_at: Time.now,
-                         confirmed_phone:       "611111111",
-                         letter_sent_at:        1.day.ago)
-
-    login_as(user)
-    visit new_letter_path
-
-    click_link "Request a letter"
-    expect(page).to have_content "Before voting you'll receive a letter whith the instructions for verify your account."
-
-  end
-
   scenario "Deny access unless verified residence" do
     user = create(:user)
 
@@ -58,4 +43,79 @@ feature 'Verify Letter' do
     expect(page).to have_content 'You have not yet enter the confirmation code'
     expect(current_path).to eq(new_sms_path)
   end
+
+  context "Code verification" do
+
+    scenario "Valid verification user logged in" do
+      user = create(:user, residence_verified_at: Time.now,
+                           confirmed_phone:       "611111111",
+                           letter_verification_code: "123456")
+
+      login_as(user)
+      visit edit_letter_path
+
+      fill_in "verification_letter_email", with: user.email
+      fill_in "verification_letter_password", with: user.password
+      fill_in "verification_letter_verification_code", with: user.letter_verification_code
+      click_button "Verify my account"
+
+      expect(page).to have_content "Your account has been verified"
+      expect(current_path).to eq(account_path)
+    end
+
+    scenario "Valid verification user not logged in" do
+      user = create(:user, residence_verified_at: Time.now,
+                           confirmed_phone:       "611111111",
+                           letter_verification_code: "123456")
+
+      visit edit_letter_path
+
+      fill_in "verification_letter_email", with: user.email
+      fill_in "verification_letter_password", with: user.password
+      fill_in "verification_letter_verification_code", with: user.letter_verification_code
+      click_button "Verify my account"
+
+      expect(page).to have_content "Your account has been verified"
+      expect(current_path).to eq(account_path)
+    end
+
+    scenario "Error messages on authentication" do
+      visit edit_letter_path
+
+      click_button "Verify my account"
+
+      expect(page).to have_content "Invalid email or password."
+    end
+
+    scenario "Error messages on verification" do
+      user = create(:user, residence_verified_at: Time.now,
+                           confirmed_phone:       "611111111")
+
+      visit edit_letter_path
+      fill_in "verification_letter_email", with: user.email
+      fill_in "verification_letter_password", with: user.password
+      click_button "Verify my account"
+
+      expect(page).to have_content "can't be blank"
+    end
+
+    scenario '6 tries allowed' do
+      user = create(:user, residence_verified_at:    Time.now,
+                           confirmed_phone:          "611111111",
+                           letter_verification_code: "123456")
+
+      visit edit_letter_path
+
+      6.times do
+        fill_in "verification_letter_email", with: user.email
+        fill_in "verification_letter_password", with: user.password
+        fill_in "verification_letter_verification_code", with: "1"
+        click_button "Verify my account"
+      end
+
+      expect(page).to have_content "You have reached the maximum number of verification tries. Please try again later."
+      expect(current_path).to eq(account_path)
+    end
+
+  end
 end

spec/features/verification/verification_path_spec.rb

@@ -51,7 +51,7 @@ feature 'Verification path' do
   end
 
   scenario "User received verification email" do
-    user = create(:user, letter_requested_at: Time.now, letter_verification_code: "666")
+    user = create(:user, residence_verified_at: Time.now, email_verification_token: "1234")
 
     login_as(user)
     visit verification_path
@@ -90,7 +90,7 @@ feature 'Verification path' do
 
     login_as(user)
 
-    verification_paths = [new_residence_path, verified_user_path, edit_sms_path, new_letter_path, edit_letter_path]
+    verification_paths = [new_residence_path, verified_user_path, edit_sms_path, new_letter_path]
     verification_paths.each do |step_path|
       visit step_path
 

spec/models/letter_spec.rb

@@ -21,42 +21,31 @@ describe 'Verification::Letter' do
 
   describe "save" do
 
-    before(:each) do
-      letter = Verification::Letter.new(user: user)
-      letter.save
-      user.reload
-    end
-
     it "should update letter_requested" do
-      expect(user.letter_requested_at).to be
+      letter = build(:verification_letter)
+      letter.save
+      expect(letter.user.letter_requested_at).to be
     end
 
   end
 
-  describe "#verified?" do
+  describe "#verify" do
 
-    let(:letter) { build(:verification_letter) }
+    let(:letter) { build(:verification_letter, verify: true) }
 
-    it "letter not sent" do
+    it "incorrect code" do
-      letter.user.update(letter_sent_at: nil)
+      letter.user.update(letter_verification_code: "123456")
+      letter.verification_code = "5555"
 
-      expect(letter.verified?).to eq(false)
+      expect(letter.valid?).to eq(false)
-      expect(letter.errors[:verification_code].first).to eq("We have not sent you the letter with the code yet")
-    end
-
-    it "letter sent but incorrect code" do
-      letter.user.update(letter_sent_at: 1.day.ago, letter_verification_code: "123456")
-      letter.verification_code = nil
-
-      expect(letter.verified?).to eq(false)
       expect(letter.errors[:verification_code].first).to eq("Incorrect confirmation code")
     end
 
-    it "letter sent and correct code" do
+    it "correct code" do
-      letter.user.update(letter_sent_at: 1.day.ago, letter_verification_code: "123456")
+      letter.user.update(letter_verification_code: "123456")
       letter.verification_code = "123456"
 
-      expect(letter.verified?).to eq(true)
+      expect(letter.valid?).to eq(true)
       expect(letter.errors).to be_empty
     end
   end