diff options
| -rw-r--r-- | t/02-registration.t | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/t/02-registration.t b/t/02-registration.t index 85355df..4c8008f 100644 --- a/t/02-registration.t +++ b/t/02-registration.t @@ -80,6 +80,16 @@ my ( $uid, $token ) = @{ $res->hash }{qw{id token}}; $t->get_ok("/reg/${uid}/${token}"); $t->status_is(200)->content_like(qr{freigeschaltet}); +# Failed login (wrong password) +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'definitely invalid', + } +); +$t->status_is(200)->content_like(qr{falsches Passwort}); + # Successful login $t->post_ok( '/login' => form => { @@ -116,5 +126,39 @@ $t->status_is(302)->header_is( location => '/account' ); $t->get_ok('/account'); $t->status_is(200)->content_unlike(qr{wird gelöscht}); +$csrf_token + = $t->ua->get('/change_password')->res->dom->at('input[name=csrf_token]') + ->attr('value'); + +$t->post_ok( + '/change_password' => form => { + csrf_token => $csrf_token, + oldpw => 'foofoofoo', + newpw => 'barbarbar', + newpw2 => 'barbarbar', + } +); +$t->status_is(302)->header_is( location => '/account' ); + +$csrf_token = $t->ua->get('/account')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/logout' => form => { + csrf_token => $csrf_token, + } +); +$t->status_is(302)->header_is( location => '/login' ); + +$csrf_token = $t->ua->get('/login')->res->dom->at('input[name=csrf_token]') + ->attr('value'); +$t->post_ok( + '/login' => form => { + csrf_token => $csrf_token, + user => 'someone', + password => 'barbarbar', + } +); +$t->status_is(302)->header_is( location => '/' ); + $t->app->pg->db->query('drop schema travelynx_test_02 cascade'); done_testing(); |