Enable devise lockable module with default values
In order to the display a warn text on the last attempt before the account is locked, we need update config.paranoid to false as the devise documentation explains. Adding "config.paranoid: false" implies further changes to the code, so for now we unncomment the default value "config.last_attempt_warning = true" and update it to false.
This commit is contained in:
taitus
25
spec/controllers/users/sessions_controller_spec.rb
Normal file
25
spec/controllers/users/sessions_controller_spec.rb
Normal file
@@ -0,0 +1,25 @@
|
||||
require "rails_helper"
|
||||
|
||||
describe Users::SessionsController do
|
||||
before { request.env["devise.mapping"] = Devise.mappings[:user] }
|
||||
|
||||
let!(:user) { create(:user, email: "citizen@consul.org", password: "12345678") }
|
||||
|
||||
describe "Devise lock" do
|
||||
context "when devise sign in maximum_attempts reached", :with_frozen_time do
|
||||
it "locks the user account and sends an email to the account with an unlock link" do
|
||||
user.update(failed_attempts: 19)
|
||||
|
||||
expect do
|
||||
post :create, params: { user: { login: "citizen@consul.org", password: "wrongpassword" }}
|
||||
end.to change { user.reload.failed_attempts }.by(1)
|
||||
.and change { user.reload.locked_at }.from(nil).to(Time.current)
|
||||
|
||||
expect(ActionMailer::Base.deliveries.count).to eq(1)
|
||||
body = ActionMailer::Base.deliveries.last.body
|
||||
expect(body).to have_content "Your account has been locked"
|
||||
expect(body).to have_link "Unlock my account"
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user