Users with SHA-1 hashes can reset their passwords

2026-02-11 09:54:21 +01:00 · 2011-09-05 22:45:52 +02:00 · 2011-09-05 22:45:52 +02:00 · ad1f3b5862
commit ad1f3b5862
parent 5d3829cfbf
3 changed files with 9 additions and 1 deletions
--- a/features/handling_users_with_deprecated_password_hashes.feature
+++ b/features/handling_users_with_deprecated_password_hashes.feature
@ -14,6 +14,8 @@ Feature: Handling users with deprecated passwords hashes
    When I go to the homepage
    Then I should be redirected to the change password page
    And I should see "You have to reset your password"
+    When I change my password to "newer_better_password"
+    Then I should be redirected to the preference page

  Scenario: A user with BCrypt password
    Given I have logged in as "new_hash_user" with password "first_secret"
--- a/features/step_definitions/user_steps.rb
+++ b/features/step_definitions/user_steps.rb
@ -32,3 +32,9 @@ Then "I should be an admin" do
  # just check on the presence of the menu item for managing users
  Then "I should see \"Manage users\""
 end
+
+When /^I change my password to "([^"]*)"$/ do |password|
+  Then 'I should be on the change password page'
+  %w{new confirm}.each { |name| fill_in name + ' password', :with => password }
+  click_button
+end