Rails/Rspec Make tests pass with http basic authentication

ruby-on-rails http-authentication rspec

Update (2013): Matt Connolly has provided a GIST which also works for request and controller specs: http://gist.github.com/4158961

Another way of doing this if you have many tests to run and don't want to include it everytime (DRYer code):

Create a /spec/support/auth_helper.rb file:

module AuthHelper
  def http_login
    user = 'username'
    pw = 'password'
    request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(user,pw)
  end  
end

In your test spec file:

describe HomeController do
  render_views

  # login to http basic auth
  include AuthHelper
  before(:each) do
    http_login
  end

  describe "GET 'index'" do
    it "should be successful" do
      get 'index'
      response.should be_success
    end
  end

end

Credit here


Sorry I didn't seek enough, the solution seems to be the following:

describe "GET 'index'" do
  it "should be successful" do
    @request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("username:password")
    get 'index'
    response.should be_success
  end
end

Some answers suggest to set request.env which is unsafe, because request can be nil and you will end up with private method env' called for nil:NilClass, especially when run single tests with rspec -e

Correct approach will be:

def http_login
  user = 'user'
  password = 'passw'
  {
    HTTP_AUTHORIZATION: ActionController::HttpAuthentication::Basic.encode_credentials(user,password)
  }
end

get 'index', nil, http_login

post 'index', {data: 'post-data'}, http_login

When using Rspec to test Grape APIs, the following syntax works

        post :create, {:entry => valid_attributes}, valid_session

where valid_session is 

{'HTTP_AUTHORIZATION' => credentials}

and

credentials = ActionController::HttpAuthentication::Token.encode_credentials("test_access1")

These are great solutions for controller and request specs.

For feature tests using Capybara, here is a solution to make HTTP Basic authentication work:

spec/support/when_authenticated.rb

RSpec.shared_context 'When authenticated' do
  background do
    authenticate
  end

  def authenticate
    if page.driver.browser.respond_to?(:authorize)
      # When headless
      page.driver.browser.authorize(username, password)
    else
      # When javascript test
      visit "http://#{username}:#{password}@#{host}:#{port}/"     
     end
  end

  def username
    # Your value here. Replace with string or config location
    Rails.application.secrets.http_auth_username
  end

  def password
    # Your value here. Replace with string or config location
    Rails.application.secrets.http_auth_password
  end

  def host
    Capybara.current_session.server.host
  end

  def port
    Capybara.current_session.server.port
  end
end

Then, in your spec:

feature 'User does something' do
  include_context 'When authenticated'

  # test examples
end

Related

Determining if the element is the last child of its parent
How to change the button text for 'Yes' and 'No' buttons in the MessageBox.Show dialog?
Why Safari shows "No Inspectable Applications" during remote debugging with iOS 6 device?
Is there any way to get the column name along with the output while execute any query in Hive?
Remove Git binding from Visual Studio 2013 solution?
Android Studio Keyboard shortcut control
Can't get Maven to recognize Java 1.8
Error logging in C#
How to achieve UIButton / UILabel 'padding' in iPhone app
What, at the bare minimum, is required for an HTTP request?
Get structure of temp table (like generate sql script) and clear temp table for current instance
How to test internal class library?