[SOLVED] Tests for signing in User using token and SimpleTokenAuthentication failing because SimpleTokenAuthentication not signing in user

Tests for signing in User using token and SimpleTokenAuthentication failing because SimpleTokenAuthentication not signing in user

Rails 5.2 gem: SimpleTokenAuthentication

I have the following controller:

class RegistrationsController < ApplicationController
  acts_as_token_authentication_handler_for  User, only: [:start]
  
 

  def start
    binding.pry
    if user_signed_in?
      redirect_to edit_user_path(current_user)
    else
      redirect_to new_user_session_path
    end
  end

end

I have a page with a link with the user_email and user_token parameters filled with the appropriate data.

When I click the link the acts_as_token_authentication_handler_for User signs in the user if the token is valid and the email belongs to a user in the database.

However, when I try to run a simple rspec test I get an internal server error.

Here is the Rspec test:

RSpec.describe 'Registering New Staff' do

  let(:new_user) { create(:user) }

  describe 'accessing the registration start page' do

    it 'redirects to the edit user path when user signed in' do
      params = { user_email: new_user.email, user_token: new_user.authentication_token }
      get start_registration_path(params)
      expect(response).to redirect_to(edit_user_path(new_user))
    end
  end

Here is the error I get:

  Failure/Error: expect(response).to redirect_to(edit_user_path(new_user))
       Expected response to be a <3XX: redirect>, but was a <500: Internal Server Error>

It seems that there is something going wrong with the sign in process with acts_as_token_authentication_handler_for but I can't figure it out.

Any help appreciated.

Solution

In the end I wound up not using SimpleTokenAuthentication and used my own code as follows:

class RegistrationsController < ApplicationController 
  before_action :authenticate_user_from_token!, only: [:start]

  def preview
  end

  def start
    authorize :registration
    if user_signed_in?
      redirect_to edit_user_path(current_user)
    else
      raise Pundit::NotAuthorizedError
    end
  end

  def calendar
    authorize :registration
  end

  def confirmation
    authorize :registration
    current_user.register
  end


  private

  def authenticate_user_from_token!
    sign_out current_user if user_signed_in?
    if user && Devise.secure_compare(user.authentication_token, params[:user_token])
      sign_in user 
      @current_user = user
      renew_authentication_token
    end
  end

  def user
    @user ||= User.find_by(email: params[:user_email])
  end

  def renew_authentication_token
    current_user.renew_authentication_token!
  end

end