test: user login, session creation

turingschool · Aug 22, 2024 · a402710 · a402710
1 parent 09ddd12
commit a402710
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 16 deletions.
diff --git a/spec/requests/api/v1/sessions_request_spec.rb b/spec/requests/api/v1/sessions_request_spec.rb
@@ -0,0 +1,45 @@
+require 'rails_helper'
+
+RSpec.describe 'Sessions requests', type: :request do
+  describe 'POST /sessions' do
+    it 'logs in a existing user' do
+      user = User.create(email: '[email protected]', password: 'password', password_confirmation: 'password')
+
+      post '/api/v1/sessions', params: { email: user.email, password: user.password }
+
+      expect(response).to have_http_status(:ok)
+
+      expect(session[:user_id]).to eq(user.id)
+
+      response_body = JSON.parse(response.body, symbolize_names: true)
+
+      expect(response_body[:data][:attributes][:email]).to eq(user.email)
+    end
+
+    it 'does not log in a non-existing user' do
+      post '/api/v1/sessions', params: { email: '[email protected]', password: 'password' }
+
+      expect(response).to have_http_status(:unauthorized)
+
+      expect(session[:user_id]).to be_nil
+
+      response_body = JSON.parse(response.body, symbolize_names: true)
+
+      expect(response_body[:errors].first[:message]).to eq('Invalid email or password')
+    end
+
+    it 'does not log in a user with wrong password' do
+      user = User.create(email: '[email protected]', password: 'password', password_confirmation: 'password')
+
+      post '/api/v1/sessions', params: { email: user.email, password: 'passkey' }
+
+      expect(response).to have_http_status(:unauthorized)
+
+      expect(session[:user_id]).to be_nil
+
+      response_body = JSON.parse(response.body, symbolize_names: true)
+
+      expect(response_body[:errors].first[:message]).to eq('Invalid email or password')
+    end
+  end
+end
diff --git a/spec/requests/api/v1/user_request_spec.rb b/spec/requests/api/v1/user_request_spec.rb
@@ -36,20 +36,4 @@
       expect(error[:errors].first[:message]).to eq("Password confirmation doesn't match Password")
     end
   end
-
-  describe 'POST /sessions' do
-    it 'logs in a existing user' do
-      user = User.create(email: '[email protected]', password: 'password', password_confirmation: 'password')
-
-      post '/api/v1/sessions', params: { email: user.email, password: user.password }
-
-      expect(response).to have_http_status(:ok)
-
-      expect(session[:user_id]).to eq(user.id)
-
-      response_body = JSON.parse(response.body, symbolize_names: true)
-
-      expect(response_body[:data][:attributes][:email]).to eq(user.email)
-    end
-  end
 end