diff --git a/app/models/user.rb b/app/models/user.rb index c9aae0143..0eacd47bd 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -292,7 +292,8 @@ class User < ActiveRecord::Base def self.find_for_database_authentication(warden_conditions) conditions = warden_conditions.dup if login = conditions.delete(:login) - where(conditions.to_hash).where(["lower(email) = ? OR username = ?", login.downcase, login]).first + where(conditions.to_hash).where(["lower(email) = ?", login.downcase]).first || + where(conditions.to_hash).where(["username = ?", login]).first elsif conditions.has_key?(:username) || conditions.has_key?(:email) where(conditions.to_hash).first end diff --git a/spec/features/users_auth_spec.rb b/spec/features/users_auth_spec.rb index ce272684a..0e3d7b5e5 100644 --- a/spec/features/users_auth_spec.rb +++ b/spec/features/users_auth_spec.rb @@ -3,55 +3,102 @@ require 'rails_helper' feature 'Users' do context 'Regular authentication' do - scenario 'Sign up' do - visit '/' - click_link 'Register' + context 'Sign up' do - fill_in 'user_username', with: 'Manuela Carmena' - fill_in 'user_email', with: 'manuela@consul.dev' - fill_in 'user_password', with: 'judgementday' - fill_in 'user_password_confirmation', with: 'judgementday' - check 'user_terms_of_service' + scenario 'Success' do + visit '/' + click_link 'Register' - click_button 'Register' + fill_in 'user_username', with: 'Manuela Carmena' + fill_in 'user_email', with: 'manuela@consul.dev' + fill_in 'user_password', with: 'judgementday' + fill_in 'user_password_confirmation', with: 'judgementday' + check 'user_terms_of_service' - expect(page).to have_content "You have been sent a message containing a verification link. Please click on this link to activate your account." + click_button 'Register' - confirm_email + expect(page).to have_content "You have been sent a message containing a verification link. Please click on this link to activate your account." + + confirm_email + + expect(page).to have_content "Your account has been confirmed." + end + + scenario 'Errors on sign up' do + visit '/' + click_link 'Register' + click_button 'Register' + + expect(page).to have_content error_message + end - expect(page).to have_content "Your account has been confirmed." end - scenario 'Errors on sign up' do - visit '/' - click_link 'Register' - click_button 'Register' + context 'Sign in' do - expect(page).to have_content error_message - end + scenario 'sign in with email' do + create(:user, email: 'manuela@consul.dev', password: 'judgementday') - scenario 'Sign in' do - create(:user, email: 'manuela@consul.dev', password: 'judgementday') + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'manuela@consul.dev' + fill_in 'user_password', with: 'judgementday' + click_button 'Enter' - visit '/' - click_link 'Sign in' - fill_in 'user_login', with: 'manuela@consul.dev' - fill_in 'user_password', with: 'judgementday' - click_button 'Enter' + expect(page).to have_content 'You have been signed in successfully.' + end - expect(page).to have_content 'You have been signed in successfully.' - end + scenario 'Sign in with username' do + create(:user, username: 'πŸ‘»πŸ‘½πŸ‘ΎπŸ€–', email: 'ash@nostromo.dev', password: 'xenomorph') - scenario 'Sign in with username' do - create(:user, username: 'larry', email: 'manuela@consul.dev', password: 'judgementday') + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'πŸ‘»πŸ‘½πŸ‘ΎπŸ€–' + fill_in 'user_password', with: 'xenomorph' + click_button 'Enter' - visit '/' - click_link 'Sign in' - fill_in 'user_login', with: 'larry' - fill_in 'user_password', with: 'judgementday' - click_button 'Enter' + expect(page).to have_content 'You have been signed in successfully.' + end - expect(page).to have_content 'You have been signed in successfully.' + scenario 'Avoid username-email collisions' do + u1 = create(:user, username: 'Spidey', email: 'peter@nyc.dev', password: 'greatpower') + u2 = create(:user, username: 'peter@nyc.dev', email: 'venom@nyc.dev', password: 'symbiote') + + visit '/' + click_link 'Sign in' + fill_in 'user_login', with: 'peter@nyc.dev' + fill_in 'user_password', with: 'greatpower' + click_button 'Enter' + + expect(page).to have_content 'You have been signed in successfully.' + + visit account_path + + expect(page).to have_link 'My activity', href: user_path(u1) + + visit '/' + click_link 'Sign out' + + expect(page).to have_content 'You have been signed out successfully.' + + click_link 'Sign in' + fill_in 'user_login', with: 'peter@nyc.dev' + fill_in 'user_password', with: 'symbiote' + click_button 'Enter' + + expect(page).to_not have_content 'You have been signed in successfully.' + expect(page).to have_content 'Invalid login or password.' + + fill_in 'user_login', with: 'venom@nyc.dev' + fill_in 'user_password', with: 'symbiote' + click_button 'Enter' + + expect(page).to have_content 'You have been signed in successfully.' + + visit account_path + + expect(page).to have_link 'My activity', href: user_path(u2) + end end end