Onboarding chris #28
Open
Onboarding chris #28
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Looks legit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
@jaybobo
What needs to be tested to ensure that the user authentication functionality of this app works correctly?
The logged_in? method that the dashboard uses to check to see if the user is authenticated. Also, the user should be able to go to other pages that require authentication.
Besides the faulty password scheme, what's the other glaring authentication problem with this application?
It keeps no record of users, so I can log in as anyone that I want (e.g. if I log in with jaybobo jaybobo, I'm jaybobo).
Cucumber is not a big fan of duplicating step_definitions, do you think you might reuse some of the steps from login_steps for your new scenarios.
You could have a centralized "navigate to the homepage and log in" step so that you can just call it in other scenarios when you want to test functionality that requires a user to be logged in.