submit-social-housing-letti.../spec/requests/auth/passwords_controller_spec.rb

require "rails_helper"
require_relative "../../support/devise"

RSpec.describe Auth::PasswordsController, type: :request do
  let(:params) { { user: { email: } } }
  let(:page) { Capybara::Node::Simple.new(response.body) }
  let(:notify_client) { instance_double(Notifications::Client) }
  let(:devise_notify_mailer) { DeviseNotifyMailer.new }

  before do
    allow(DeviseNotifyMailer).to receive(:new).and_return(devise_notify_mailer)
    allow(devise_notify_mailer).to receive(:notify_client).and_return(notify_client)
    allow(notify_client).to receive(:send_email).and_return(true)
  end

  context "when a password reset is requested for a valid email" do
    let(:user) { FactoryBot.create(:user) }
    let(:email) { user.email }

    it "redirects to the email sent page" do
      post "/users/password", params: params
      expect(response).to have_http_status(:redirect)
      follow_redirect!
      expect(response.body).to match(/Check your email/)
    end
  end

  context "when a password reset is requested with an email that doesn't exist in the system" do
    before do
      allow(Devise.navigational_formats).to receive(:include?).and_return(false)
    end

    let(:email) { "madeup_email@test.com" }

    it "redirects to the email sent page anyway" do
      post "/users/password", params: params
      expect(response).to have_http_status(:redirect)
      follow_redirect!
      expect(response.body).to match(/Check your email/)
    end
  end

  describe "#Update - reset password" do
    let(:user) { FactoryBot.create(:user) }
    let(:token) { user.send(:set_reset_password_token) }
    let(:updated_password) { "updated_password_280" }
    let(:update_password_params) do
      {
        user:
          {
            reset_password_token: token,
            password: updated_password,
            password_confirmation: updated_password,
          },
      }
    end
    let(:message) { "Your password has been changed successfully. You are now signed in" }

    it "changes the password" do
      expect { put "/users/password", params: update_password_params }
        .to(change { user.reload.encrypted_password })
    end

    it "after password change, the user is signed in" do
      put "/users/password", params: update_password_params
      # Devise redirects once after re-sign in with new password and then root redirects as well.
      follow_redirect!
      follow_redirect!
      expect(page).to have_css("div", class: "govuk-notification-banner__heading", text: message)
    end
  end
end
Password reset routing 3 years ago			`require "rails_helper"`
			`require_relative "../../support/devise"`

Invite new user (#134) * Clean up user routes * Make user registerable * Merge * Turbo devise strikes again * URL naming * Dashes not underscores * Consistent syntax * Turning off turbo changes our html * Update password link not working yet * New user path * Password edit path * Updating password keeps you signed in and redirects to show * Set new user org * Write a failing spec for user creation * Reset user password and redirect back to org users page * Test redirect * Use invite template * Request specs over feature specs * Add email validation 3 years ago			`RSpec.describe Auth::PasswordsController, type: :request do`
Ruby 3.1 syntax rubocop 3 years ago			`let(:params) { { user: { email: } } }`
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working 3 years ago			`let(:page) { Capybara::Node::Simple.new(response.body) }`
Rubocop rspec fixes (#264) 3 years ago			`let(:notify_client) { instance_double(Notifications::Client) }`
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass 3 years ago			`let(:devise_notify_mailer) { DeviseNotifyMailer.new }`
Use Notify rather than Gmail for devise emails (#241) * Use Notify rather than Gmail for devise emails * Remove Devise mailer views * Use real account template IDs 3 years ago
			`before do`
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass 3 years ago			`allow(DeviseNotifyMailer).to receive(:new).and_return(devise_notify_mailer)`
			`allow(devise_notify_mailer).to receive(:notify_client).and_return(notify_client)`
Use Notify rather than Gmail for devise emails (#241) * Use Notify rather than Gmail for devise emails * Remove Devise mailer views * Use real account template IDs 3 years ago			`allow(notify_client).to receive(:send_email).and_return(true)`
			`end`
Password reset routing 3 years ago
Rubocop 3 years ago			`context "when a password reset is requested for a valid email" do`
			`let(:user) { FactoryBot.create(:user) }`
			`let(:email) { user.email }`
Password reset routing 3 years ago
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working 3 years ago			`it "redirects to the email sent page" do`
Rubocop 3 years ago			`post "/users/password", params: params`
			`expect(response).to have_http_status(:redirect)`
			`follow_redirect!`
			`expect(response.body).to match(/Check your email/)`
Password reset routing 3 years ago			`end`
Rubocop 3 years ago			`end`
Password reset routing 3 years ago
Rubocop 3 years ago			`context "when a password reset is requested with an email that doesn't exist in the system" do`
			`before do`
Rspec rubocop cleanup (#266) * Devise token stubs * Case logs controller stubs * More devise token stubs * And another one bites the dust * 2 left * All cops pass 3 years ago			`allow(Devise.navigational_formats).to receive(:include?).and_return(false)`
Rubocop 3 years ago			`end`
Password reset routing 3 years ago
Rubocop 3 years ago			`let(:email) { "madeup_email@test.com" }`
Password reset routing 3 years ago
Rubocop 3 years ago			`it "redirects to the email sent page anyway" do`
			`post "/users/password", params: params`
			`expect(response).to have_http_status(:redirect)`
			`follow_redirect!`
			`expect(response.body).to match(/Check your email/)`
Password reset routing 3 years ago			`end`
Reset email specs 3 years ago			`end`

Rubocop rspec fixes (#264) 3 years ago			`describe "#Update - reset password" do`
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working 3 years ago			`let(:user) { FactoryBot.create(:user) }`
			`let(:token) { user.send(:set_reset_password_token) }`
			`let(:updated_password) { "updated_password_280" }`
			`let(:update_password_params) do`
			`{`
			`user:`
			`{`
			`reset_password_token: token,`
			`password: updated_password,`
			`password_confirmation: updated_password,`
			`},`
			`}`
			`end`
			`let(:message) { "Your password has been changed successfully. You are now signed in" }`

			`it "changes the password" do`
			`expect { put "/users/password", params: update_password_params }`
			`.to(change { user.reload.encrypted_password })`
			`end`

Redirect logged in users to /logs from the index page (#243) * redirect logged in users to /logs from the index page * Fix tests Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> 3 years ago			`it "after password change, the user is signed in" do`
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working 3 years ago			`put "/users/password", params: update_password_params`
Redirect logged in users to /logs from the index page (#243) * redirect logged in users to /logs from the index page * Fix tests Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> Co-authored-by: baarkerlounger <baarkerlounger@users.noreply.github.com> 3 years ago			`# Devise redirects once after re-sign in with new password and then root redirects as well.`
			`follow_redirect!`
Fix password reset flow (#157) * Render gov uk reset view * Pass password reset token * Test password update and sign in * The cop is working 3 years ago			`follow_redirect!`
			`expect(page).to have_css("div", class: "govuk-notification-banner__heading", text: message)`
			`end`
			`end`
Password reset routing 3 years ago			`end`