Remove attr_accessor :password
from the class User
.
As ActiveRecord would treat it as a virtual attribute and it will not be saved in the database.
If you notice rspec failure message received:
expected: #<Xaaron::User id: 5, first_name: "Adam", last_name: "Something", user_name: "user9", email: "user8@example.com", password: nil, salt: "$2a$10$Y1m4YK.4znWVz2icp0ENtO", created_at: "2014-04-06 15:20:53", updated_at: "2014-04-06 15:20:53">
password
is not saved in database. Make sure to remove the attr_accessor
from the User
model so password
is treated as field and would be saved in database.
Next, you need to update the example as below:
it "should validate a user based on login credentials" do
@user = FactoryGirl.create(:user)
@login_user = FactoryGirl.build(:user)
Xaaron::User.authenticate_user(@user.user_name, @login_user.password).should == @user
end
@user
contains the actual record created in database, so @user.password
has the encrypted password already. Your example fails because you are sending the encrypted password to authenticate_user
method and re-encrypting the already encrypted password with:
BCrypt::Engine.hash_secret(password, user.salt)
In reality, for your example to pass what you need to pass is the actual password without any encryption. That is why I added @login_user
in your example.