a1955531e1
In order to the display a warn text on the last attempt before the account is locked, we need update config.paranoid to false as the devise documentation explains. Adding "config.paranoid: false" implies further changes to the code, so for now we unncomment the default value "config.last_attempt_warning = true" and update it to false.
26 lines
978 B
Ruby
26 lines
978 B
Ruby
require "rails_helper"
|
|
|
|
describe Users::SessionsController do
|
|
before { request.env["devise.mapping"] = Devise.mappings[:user] }
|
|
|
|
let!(:user) { create(:user, email: "citizen@consul.org", password: "12345678") }
|
|
|
|
describe "Devise lock" do
|
|
context "when devise sign in maximum_attempts reached", :with_frozen_time do
|
|
it "locks the user account and sends an email to the account with an unlock link" do
|
|
user.update(failed_attempts: 19)
|
|
|
|
expect do
|
|
post :create, params: { user: { login: "citizen@consul.org", password: "wrongpassword" }}
|
|
end.to change { user.reload.failed_attempts }.by(1)
|
|
.and change { user.reload.locked_at }.from(nil).to(Time.current)
|
|
|
|
expect(ActionMailer::Base.deliveries.count).to eq(1)
|
|
body = ActionMailer::Base.deliveries.last.body
|
|
expect(body).to have_content "Your account has been locked"
|
|
expect(body).to have_link "Unlock my account"
|
|
end
|
|
end
|
|
end
|
|
end
|