Fix handling of login errors
Change-Id: Ib8d6b7d3f8a8c572c07c45da3fd0f60fb2e58eb3
diff --git a/t/plugin/auth.t b/t/plugin/auth.t
index 9828baf..b2089a1 100644
--- a/t/plugin/auth.t
+++ b/t/plugin/auth.t
@@ -58,6 +58,7 @@
$t->get_ok('/')
->status_is(200)
->element_exists('div.notify-error')
+ ->text_is('div.notify-error', 'Bad CSRF token')
->element_exists('input[name=handle_or_email][value=test]')
->element_exists_not('div.button.top a')
;
@@ -76,6 +77,42 @@
$t->post_ok('/user/login' => form => {
handle_or_email => 'test',
+ pwd => 'ldaperr',
+ csrf_token => $csrf
+})
+ ->status_is(302)
+ ->content_is('')
+ ->header_is('Location' => '/');
+
+$csrf = $t->get_ok('/')
+ ->status_is(200)
+ ->element_exists('div.notify-error')
+ ->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!')
+ ->element_exists('input[name=handle_or_email][value=test]')
+ ->element_exists_not('div.button.top a')
+ ->tx->res->dom->at('input[name=csrf_token]')->attr('value')
+ ;
+
+$t->post_ok('/user/login' => form => {
+ handle_or_email => 'test',
+ pwd => 'unknown',
+ csrf_token => $csrf
+})
+ ->status_is(302)
+ ->content_is('')
+ ->header_is('Location' => '/');
+
+$csrf = $t->get_ok('/')
+ ->status_is(200)
+ ->element_exists('div.notify-error')
+ ->text_is('div.notify-error', 'Access denied')
+ ->element_exists('input[name=handle_or_email][value=test]')
+ ->element_exists_not('div.button.top a')
+ ->tx->res->dom->at('input[name=csrf_token]')->attr('value')
+ ;
+
+$t->post_ok('/user/login' => form => {
+ handle_or_email => 'test',
pwd => 'pass',
csrf_token => $csrf
})