Respond with 404 when confirming an invalid token
We were getting a 500 Internal Server Error because `find_by` returned `nil`, but the code assumed it returned an object responding to `encrypted_password`. In this case, maybe some other status code (like 400 or 401) might be more appropriate, but I've kept 404 because it was easier to implement and I wasn't sure which one was better. Also note ideally we would test the controller using: expect(response).to have_http_status(:not_found) However, we would need to configure the test to show exceptions and not to consider all requests local. I haven't been able to do so for controller tests, and doing so for feature/request specs seems to require changes in the test environment configuration which would affect other tests.
This commit is contained in:
Javi Martín
13
spec/controllers/users/confirmations_controller_spec.rb
Normal file
13
spec/controllers/users/confirmations_controller_spec.rb
Normal file
@@ -0,0 +1,13 @@
|
||||
require "rails_helper"
|
||||
|
||||
describe Users::ConfirmationsController do
|
||||
before do
|
||||
@request.env["devise.mapping"] = Devise.mappings[:user]
|
||||
end
|
||||
|
||||
describe "GET show" do
|
||||
it "returns a 404 code with a wrong token" do
|
||||
expect { get :show, token: "non_existent" }.to raise_error ActiveRecord::RecordNotFound
|
||||
end
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user