Commit ·
31c052b
1
Parent(s): d107e48
fix: Authenticated routes and password length test
- lib/medical_transcription_web/live/user_confirmation_live.ex +3 -3
- lib/medical_transcription_web/router.ex +1 -3
- lib/medical_transcription_web/user_auth.ex +1 -1
- test/medical_transcription/accounts_test.exs +6 -6
- test/medical_transcription_web/controllers/page_controller_test.exs +8 -0
- test/medical_transcription_web/controllers/user_session_controller_test.exs +2 -2
- test/medical_transcription_web/live/home_live_test.exs +8 -0
- test/medical_transcription_web/live/user_confirmation_live_test.exs +4 -4
- test/medical_transcription_web/live/user_registration_live_test.exs +2 -2
- test/medical_transcription_web/live/user_reset_password_live_test.exs +4 -4
- test/medical_transcription_web/live/user_settings_live_test.exs +4 -4
- test/medical_transcription_web/user_auth_test.exs +2 -2
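--- a/lib/medical_transcription_web/live/user_confirmation_live.ex
+++ b/lib/medical_transcription_web/live/user_confirmation_live.ex
@@ -36,7 +36,7 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLive do
 {:noreply,
 socket
 |> put_flash(:info, "User confirmed successfully.")
-|> redirect(to: ~p"/")}
+|> redirect(to: ~p"/users/log_in")}
 
 :error ->
 # If there is a current user and the account was already confirmed,
@@ -45,13 +45,13 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLive do
 # a warning message.
 case socket.assigns do
 %{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at) ->
-{:noreply, redirect(socket, to: ~p"/")}
+{:noreply, redirect(socket, to: ~p"/users/log_in")}
 
 %{} ->
 {:noreply,
 socket
 |> put_flash(:error, "User confirmation link is invalid or it has expired.")
-|> redirect(to: ~p"/")}
+|> redirect(to: ~p"/users/log_in")}
 end
 end
 end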
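Review bot: The already-confirmed branch (`%{current_user: %{confirmed_at: confirmed_at}} when not is_nil(confirmed_at)`) only matches when a user is signed in, yet it now sends that user to `~p"/users/log_in"`. If the login route bounces authenticated users onward (its definition is not in this commit), that is an extra redirect. Since `/` is now the authenticated home, `{:noreply, redirect(socket, to: ~p"/")}` fits this one branch better, with the other two redirects left pointing at the login page. The enclosing event handler starts above the first hunk.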
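--- a/lib/medical_transcription_web/router.ex
+++ b/lib/medical_transcription_web/router.ex
@@ -71,17 +71,15 @@ defmodule MedicalTranscriptionWeb.Router do
 
 live_session :require_authenticated_user,
 on_mount: [{MedicalTranscriptionWeb.UserAuth, :ensure_authenticated}] do
-live "/", HomeLive.Index
 live "/users/settings", UserSettingsLive, :edit
 live "/users/settings/confirm_email/:token", UserSettingsLive, :confirm_email
+live "/", HomeLive.Index
 end
 end
 
 scope "/", MedicalTranscriptionWeb do
 pipe_through [:browser]
 
-live "/", UserLoginLive, :new
-
 delete "/users/log_out", UserSessionController, :delete
 
 live_session :current_user,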
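Review bot: `live "/", HomeLive.Index` is now protected only by what surrounds it: the `:ensure_authenticated` on_mount hook visible here and the enclosing scope's `pipe_through`, which sits above line 71 and is not shown. Confirm that scope also runs the plug-level authentication check (for example `pipe_through [:browser, :require_authenticated_user]`, if the pipeline uses that name), since Phoenix's guidance is to enforce authentication in both the plug pipeline and the live_session hook. A short comment above the route, such as `# Home (upload screen): authenticated users only`, would record why it lives in this session.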
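--- a/lib/medical_transcription_web/user_auth.ex
+++ b/lib/medical_transcription_web/user_auth.ex
@@ -81,7 +81,7 @@ defmodule MedicalTranscriptionWeb.UserAuth do
 conn
 |> renew_session()
 |> delete_resp_cookie(@remember_me_cookie)
-|> redirect(to: ~p"/")
+|> redirect(to: ~p"/users/log_in")
 end
 
 @doc """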
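--- a/test/medical_transcription/accounts_test.exs
+++ b/test/medical_transcription/accounts_test.exs
@@ -59,11 +59,11 @@ defmodule MedicalTranscription.AccountsTest do
 end
 
 test "validates email and password when given" do
-{:error, changeset} = Accounts.register_user(%{email: "not valid", password: "
+{:error, changeset} = Accounts.register_user(%{email: "not valid", password: "invalid"})
 
 assert %{
 email: ["must have the @ sign and no spaces"],
-password: ["should be at least
+password: ["should be at least 8 character(s)"]
 } = errors_on(changeset)
 end
 
@@ -262,12 +262,12 @@ defmodule MedicalTranscription.AccountsTest do
 test "validates password", %{user: user} do
 {:error, changeset} =
 Accounts.update_user_password(user, valid_user_password(), %{
-password: "
+password: "invalid",
 password_confirmation: "another"
 })
 
 assert %{
-password: ["should be at least
+password: ["should be at least 8 character(s)"],
 password_confirmation: ["does not match password"]
 } = errors_on(changeset)
 end
@@ -471,12 +471,12 @@ defmodule MedicalTranscription.AccountsTest do
 test "validates password", %{user: user} do
 {:error, changeset} =
 Accounts.reset_user_password(user, %{
-password: "
+password: "invalid",
 password_confirmation: "another"
 })
 
 assert %{
-password: ["should be at least
+password: ["should be at least 8 character(s)"],
 password_confirmation: ["does not match password"]
 } = errors_on(changeset)
 end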
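Review bot: These assertions pin an 8-character minimum, but only the rejecting side of that boundary is exercised: `"invalid"` is 7 characters in all three hunks, and the changeset validation that enforces the limit is not part of this commit. Add the accepting side as well, for example a case that submits an 8-character password and asserts there is no `:password` error, so a later change to the minimum is caught in both directions. The same applies to the `"short"` inputs in user_registration_live_test.exs, user_reset_password_live_test.exs and user_settings_live_test.exs.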
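--- a/test/medical_transcription_web/controllers/page_controller_test.exs
+++ b/test/medical_transcription_web/controllers/page_controller_test.exs
@@ -1,6 +1,14 @@
 defmodule MedicalTranscriptionWeb.PageControllerTest do
 use MedicalTranscriptionWeb.ConnCase
 
+import MedicalTranscription.AccountsFixtures
+
+setup %{conn: conn} do
+password = valid_user_password()
+user = user_fixture(%{password: password})
+%{conn: log_in_user(conn, user)}
+end
+
 test "GET /", %{conn: conn} do
 conn = get(conn, ~p"/")
 assert html_response(conn, 200) =~ "Medical Code Transcriber"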
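Review bot: With the added `setup` every request in this module is authenticated, so nothing here checks the behaviour the commit introduces: an anonymous `GET /` being turned away. Add a test that skips the login, e.g. `conn = get(build_conn(), ~p"/")` followed by `assert redirected_to(conn) == ~p"/users/log_in"`. home_live_test.exs gets the same `setup` and has the same gap for the LiveView mount. The `password` binding is used only once, so `user = user_fixture()` would do if the fixture supplies a default password (its definition is not shown).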
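--- a/test/medical_transcription_web/controllers/user_session_controller_test.exs
+++ b/test/medical_transcription_web/controllers/user_session_controller_test.exs
@@ -98,14 +98,14 @@ defmodule MedicalTranscriptionWeb.UserSessionControllerTest do
 describe "DELETE /users/log_out" do
 test "logs the user out", %{conn: conn, user: user} do
 conn = conn |> log_in_user(user) |> delete(~p"/users/log_out")
-assert redirected_to(conn) == ~p"/"
+assert redirected_to(conn) == ~p"/users/log_in"
 refute get_session(conn, :user_token)
 assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Logged out successfully"
 end
 
 test "succeeds even if the user is not logged in", %{conn: conn} do
 conn = delete(conn, ~p"/users/log_out")
-assert redirected_to(conn) == ~p"/"
+assert redirected_to(conn) == ~p"/users/log_in"
 refute get_session(conn, :user_token)
 assert Phoenix.Flash.get(conn.assigns.flash, :info) =~ "Logged out successfully"
 end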
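--- a/test/medical_transcription_web/live/home_live_test.exs
+++ b/test/medical_transcription_web/live/home_live_test.exs
@@ -3,6 +3,14 @@ defmodule MedicalTranscriptionWeb.HomeLiveTest do
 
 import Phoenix.LiveViewTest
 
+import MedicalTranscription.AccountsFixtures
+
+setup %{conn: conn} do
+password = valid_user_password()
+user = user_fixture(%{password: password})
+%{conn: log_in_user(conn, user)}
+end
+
 describe "/" do
 test "renders upload screen", %{conn: conn} do
 # 1. Find file input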
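--- a/test/medical_transcription_web/live/user_confirmation_live_test.exs
+++ b/test/medical_transcription_web/live/user_confirmation_live_test.exs
@@ -29,7 +29,7 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLiveTest do
 lv
 |> form("#confirmation_form")
 |> render_submit()
-|> follow_redirect(conn, "/")
+|> follow_redirect(conn, "/users/log_in")
 
 assert {:ok, conn} = result
 
@@ -47,7 +47,7 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLiveTest do
 lv
 |> form("#confirmation_form")
 |> render_submit()
-|> follow_redirect(conn, "/")
+|> follow_redirect(conn, "/users/log_in")
 
 assert {:ok, conn} = result
 
@@ -65,7 +65,7 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLiveTest do
 lv
 |> form("#confirmation_form")
 |> render_submit()
-|> follow_redirect(conn, "/")
+|> follow_redirect(conn, "/users/log_in")
 
 assert {:ok, conn} = result
 refute Phoenix.Flash.get(conn.assigns.flash, :error)
@@ -78,7 +78,7 @@ defmodule MedicalTranscriptionWeb.UserConfirmationLiveTest do
 lv
 |> form("#confirmation_form")
 |> render_submit()
-|> follow_redirect(conn, ~p"/")
+|> follow_redirect(conn, ~p"/users/log_in")
 
 assert Phoenix.Flash.get(conn.assigns.flash, :error) =~
 "User confirmation link is invalid or it has expired"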
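--- a/test/medical_transcription_web/live/user_registration_live_test.exs
+++ b/test/medical_transcription_web/live/user_registration_live_test.exs
@@ -28,11 +28,11 @@ defmodule MedicalTranscriptionWeb.UserRegistrationLiveTest do
 result =
 lv
 |> element("#registration_form")
-|> render_change(user: %{"email" => "with spaces", "password" => "
+|> render_change(user: %{"email" => "with spaces", "password" => "short"})
 
 assert result =~ "Register"
 assert result =~ "must have the @ sign and no spaces"
-assert result =~ "should be at least
+assert result =~ "should be at least 8 character"
 end
 end
 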
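--- a/test/medical_transcription_web/live/user_reset_password_live_test.exs
+++ b/test/medical_transcription_web/live/user_reset_password_live_test.exs
@@ -40,10 +40,10 @@ defmodule MedicalTranscriptionWeb.UserResetPasswordLiveTest do
 lv
 |> element("#reset_password_form")
 |> render_change(
-user: %{"password" => "
+user: %{"password" => "secret1", "password_confirmation" => "secret123456"}
 )
 
-assert result =~ "should be at least
+assert result =~ "should be at least 8 character"
 assert result =~ "does not match password"
 end
 end
@@ -75,14 +75,14 @@ defmodule MedicalTranscriptionWeb.UserResetPasswordLiveTest do
 lv
 |> form("#reset_password_form",
 user: %{
-"password" => "
+"password" => "short",
 "password_confirmation" => "does not match"
 }
 )
 |> render_submit()
 
 assert result =~ "Reset Password"
-assert result =~ "should be at least
+assert result =~ "should be at least 8 character(s)"
 assert result =~ "does not match password"
 end
 end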
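Review bot: The two hunks assert the same validation message with different substrings: line 46 matches `"should be at least 8 character"` while line 85 matches `"should be at least 8 character(s)"`. Use the full `"should be at least 8 character(s)"` in both, and at line 35 of user_registration_live_test.exs, which has the shorter form, so these tests agree with accounts_test.exs and fail the same way if the message changes. Both test bodies start above their hunks.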
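--- a/test/medical_transcription_web/live/user_settings_live_test.exs
+++ b/test/medical_transcription_web/live/user_settings_live_test.exs
@@ -127,13 +127,13 @@ defmodule MedicalTranscriptionWeb.UserSettingsLiveTest do
 |> render_change(%{
 "current_password" => "invalid",
 "user" => %{
-"password" => "
+"password" => "short",
 "password_confirmation" => "does not match"
 }
 })
 
 assert result =~ "Change Password"
-assert result =~ "should be at least
+assert result =~ "should be at least 8 character(s)"
 assert result =~ "does not match password"
 end
 
@@ -145,14 +145,14 @@ defmodule MedicalTranscriptionWeb.UserSettingsLiveTest do
 |> form("#password_form", %{
 "current_password" => "invalid",
 "user" => %{
-"password" => "
+"password" => "short",
 "password_confirmation" => "does not match"
 }
 })
 |> render_submit()
 
 assert result =~ "Change Password"
-assert result =~ "should be at least
+assert result =~ "should be at least 8 character(s)"
 assert result =~ "does not match password"
 assert result =~ "is not valid"
 end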
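--- a/test/medical_transcription_web/user_auth_test.exs
+++ b/test/medical_transcription_web/user_auth_test.exs
@@ -60,7 +60,7 @@ defmodule MedicalTranscriptionWeb.UserAuthTest do
 refute get_session(conn, :user_token)
 refute conn.cookies[@remember_me_cookie]
 assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie]
-assert redirected_to(conn) == ~p"/"
+assert redirected_to(conn) == ~p"/users/log_in"
 refute Accounts.get_user_by_session_token(user_token)
 end
 
@@ -79,7 +79,7 @@ defmodule MedicalTranscriptionWeb.UserAuthTest do
 conn = conn |> fetch_cookies() |> UserAuth.log_out_user()
 refute get_session(conn, :user_token)
 assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie]
-assert redirected_to(conn) == ~p"/"
+assert redirected_to(conn) == ~p"/users/log_in"
 end
 end
 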