From b04e0e70d089de7c91c4bf6597ee207af4465c48 Mon Sep 17 00:00:00 2001 From: Michael Hartl Date: Thu, 26 Aug 2010 13:25:31 -0700 Subject: [PATCH] Handling invalid signin --- app/controllers/sessions_controller.rb | 9 +++++++ spec/controllers/sessions_controller_spec.rb | 25 ++++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index ff02402..a914006 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -5,6 +5,15 @@ def new end def create + user = User.authenticate(params[:session][:email], + params[:session][:password]) + if user.nil? + flash.now[:error] = "Invalid email/password combination." + @title = "Sign in" + render 'new' + else + # Handle successful signin. + end end def destroy diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb index 041ab56..24c113c 100644 --- a/spec/controllers/sessions_controller_spec.rb +++ b/spec/controllers/sessions_controller_spec.rb @@ -14,4 +14,29 @@ response.should have_selector('title', :content => "Sign in") end end + + describe "POST 'create'" do + + describe "failure" do + + before(:each) do + @attr = { :email => "", :password => "" } + end + + it "should re-render the new page" do + post :create, :session => @attr + response.should render_template('new') + end + + it "should have the right title" do + post :create, :session => @attr + response.should have_selector('title', :content => "Sign in") + end + + it "should have an error message" do + post :create, :session => @attr + flash.now[:error].should =~ /invalid/i + end + end + end end