Merge pull request #2850 from Matt-Yorkley/password_change_logout

Password change logout
2026-01-24 20:36:49 +00:00 · 2018-10-24 11:43:09 +02:00
parent 9ef4852bd4 4760ebb80c
commit ce93c52dfe
3 changed files with 25 additions and 5 deletions
--- a/config/initializers/spree.rb
+++ b/config/initializers/spree.rb
@@ -22,6 +22,9 @@ Spree.config do |config|
  #config.override_actionmailer_config = false
 end

+# Don't log users out when setting a new password
+Spree::Auth::Config[:signout_after_password_change] = false
+
 # TODO Work out why this is necessary
 # Seems like classes within OFN module become 'uninitialized' when server reloads
 # unless the empty module is explicity 'registered' here. Something to do with autoloading?
--- a/spec/features/consumer/account/settings_spec.rb
+++ b/spec/features/consumer/account/settings_spec.rb
@@ -4,18 +4,22 @@ feature "Account Settings", js: true do
  include AuthenticationWorkflow

  describe "as a logged in user" do
-    let(:user) { create(:user, email: 'old@email.com') }
+    let(:user) do
+      create(:user,
+             email: 'old@email.com',
+             password: 'OriginalPassword',
+             password_confirmation: 'OriginalPassword')
+    end

    before do
      create(:mail_method)
      quick_login_as user
-    end
-
-    it "allows me to update my account details" do
      visit "/account"
-
      click_link I18n.t('spree.users.show.tabs.settings')
      expect(page).to have_content I18n.t('spree.users.form.account_settings')
+    end
+
+    it "allows the user to update their email address" do
      fill_in 'user_email', with: 'new@email.com'

      expect do
@@ -32,5 +36,17 @@ feature "Account Settings", js: true do
      click_link I18n.t('spree.users.show.tabs.settings')
      expect(page).to have_content I18n.t('spree.users.show.unconfirmed_email', unconfirmed_email: 'new@email.com')
    end
+
+    it "allows the user to change their password" do
+      initial_password = user.encrypted_password
+
+      fill_in 'user_password', with: 'NewPassword'
+      fill_in 'user_password_confirmation', with: 'NewPassword'
+
+      click_button I18n.t(:update)
+      expect(find(".alert-box.success").text.strip).to eq "#{I18n.t(:account_updated)} ×"
+
+      expect(user.reload.encrypted_password).to_not eq initial_password
+    end
  end
 end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -120,6 +120,7 @@ RSpec.configure do |config|
      spree_config.allow_backorders = false
    end

+    Spree::Auth::Config[:signout_after_password_change] = false
    Spree::Api::Config[:requires_authentication] = true
  end