Test Authentication against FireBase

Gemfile

@@ -21,6 +21,11 @@ group :development, :test do
   gem 'ffaker'
 end
 
+group :test do
+  gem 'webmock'
+  gem 'vcr'
+end
+
 group :development do
   gem 'listen', '~> 3.0.5'
   gem 'spring'

Gemfile.lock

@@ -38,12 +38,16 @@ GEM
       i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
     arel (7.1.4)
     base58 (0.1.0)
     builder (3.2.3)
     byebug (9.0.6)
     concurrent-ruby (1.0.5)
     connection_pool (2.2.1)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
     diff-lcs (1.3)
     erubis (2.7.0)
     factory_girl (4.8.0)
@@ -55,6 +59,7 @@ GEM
       json
     globalid (0.4.0)
       activesupport (>= 4.2.0)
+    hashdiff (0.3.1)
     httpclient (2.8.3)
     i18n (0.8.6)
     json (2.0.2)
@@ -74,6 +79,7 @@ GEM
     nio4r (2.1.0)
     nokogiri (1.8.0)
       mini_portile2 (~> 2.2.0)
+    public_suffix (3.0.0)
     puma (3.10.0)
     rack (2.0.3)
     rack-cors (1.0.1)
@@ -126,6 +132,7 @@ GEM
       rspec-mocks (~> 3.6.0)
       rspec-support (~> 3.6.0)
     rspec-support (3.6.0)
+    safe_yaml (1.0.4)
     sidekiq (5.0.4)
       concurrent-ruby (~> 1.0)
       connection_pool (~> 2.2, >= 2.2.0)
@@ -148,6 +155,11 @@ GEM
     tzinfo (1.2.3)
       thread_safe (~> 0.1)
     validation_contract (0.1.8)
+    vcr (3.0.3)
+    webmock (2.3.1)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
     websocket-driver (0.6.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.2)
@@ -172,6 +184,8 @@ DEPENDENCIES
   spring-watcher-listen (~> 2.0.0)
   tzinfo-data
   validation_contract
+  vcr
+  webmock
 
 BUNDLED WITH
    1.15.4

config/secrets.yml

@@ -15,14 +15,15 @@ development:
   secret_key_access: admin
   secret_key_password: 123456
   secret_redis_url: redis://localhost:6379/5
-  secret_url_fire_base: localhost
+  secret_url_fire_base: https://test123.firebaseio.com
   secret_key_fire_base: 123123123123
+
 test:
   secret_key_base: 16cbed3ad3bd00da41e358ebcc5b14a79d48428b1bbc848b65b87ff00e60be0d01b2e17df3815dc0ed0ba13a8c693c8f8fdb4cac3cf1b70f44972c4b341bea40
   secret_key_access: admin
   secret_key_password: 123123123123
   secret_redis_url: redis://localhost:6379/5
-  secret_url_fire_base: localhost
+  secret_url_fire_base: https://test123.firebaseio.com
   secret_key_fire_base: 123123123123
 
 # Do not keep production secrets in the repository,

spec/controllers/v1/authenticated_controller_spec.rb

@@ -0,0 +1,80 @@
+require 'rails_helper'
+
+RSpec.describe V1::AuthenticatedController, type: :controller do
+  describe '#authentication' do
+
+    context 'when the to email is invalid' do
+      let(:invalid_email) { 'abc@xyz.' }
+
+      it 'shows json error response' do
+        post :authentication, params: { to: invalid_email }
+
+        response_json = JSON.parse response.body
+
+        expect(response.status).to be(200)
+        expect(response_json['success']).to be_falsey
+        expect(response_json['errors'].to_s).to include('This e-mail abc@xyz. is inválid')
+      end
+    end
+
+    context 'when the to email is valid' do
+      context 'user exists in Firebase'do
+        context 'user is confirmed', vcr: { cassette_name: 'firebase/existing_confirmed_user' } do
+          let(:confirm_email) { 'abc@example.com' }
+
+          before do
+            add_confirmed_user_to_firebase(confirm_email)
+          end
+
+          it 'redirects to authentication error page if a confirmed user tries to authenticate' do
+            post :authentication, params: { to: confirm_email }
+
+            expect(response).to redirect_to('http://www.freesendmails.com/authentication-user-error')
+          end
+        end
+
+        context 'user is not confirmed', vcr: { cassette_name: 'firebase/existing_unconfirmed_user' } do
+          let(:user_email) { 'xyz@example.com' }
+
+          before do
+            add_unconfirmed_user_to_firebase(user_email)
+          end
+
+          it 'adds the user to Firebase again' do
+            post :authentication, params: { to: user_email }
+
+            expect(firebase_user_emails.count{|x| x == user_email}).to be(2)
+            expect(response).to redirect_to('http://www.freesendmails.com/authentication-user-success')
+          end
+        end
+      end
+
+      context 'user do not exist in firebase', vcr: { cassette_name: 'firebase/add_user' } do
+        let(:new_email) { 'abcxyz@example.com' }
+
+        it 'adds the user to Firebase and redirects to authentication success page' do
+          post :authentication, params: { to: new_email }
+
+          expect(firebase_user_emails).to include(new_email)
+          expect(response).to redirect_to('http://www.freesendmails.com/authentication-user-success')
+        end
+      end
+    end
+  end
+
+  describe 'user confirmation #authentication_url' do
+    let(:user_email) { 'qwerty@example.com' }
+    let(:user_token) { 'token1234' }
+
+    it 'confirms user in Firebase', vcr: { cassette_name: 'firebase/confirm_user' } do
+      add_unconfirmed_user_to_firebase(user_email, user_token)
+
+      get :authentication_url, params: { token_authentication: user_token }
+
+      firebase_user = firebase_find_users(user_email).first
+
+      expect(firebase_user['confirmated']).to be_truthy
+      expect(response).to redirect_to('http://www.freesendmails.com/authentication-user-success-authenticated')
+    end
+  end
+end

spec/spec_helper.rb

@@ -16,6 +16,11 @@
 # users commonly want.
 #
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+Dir[Rails.root.join('spec/support/**/*.rb')].each { |f| require f }
+
 RSpec.configure do |config|
   # rspec-expectations config goes here. You can use an alternate
   # assertion/expectation library such as wrong or the stdlib/minitest
@@ -94,4 +99,14 @@
     FileUtils.rm_rf(Dir["#{Rails.root}/public/uploads/*"])
     config.include Rails.application.routes.url_helpers
   end
+
+  config.include FirebaseHelper, type: :controller
+end
+
+VCR.configure do |config|
+  config.cassette_library_dir = 'spec/vcr'
+  config.hook_into :webmock
+  config.configure_rspec_metadata!
+  config.allow_http_connections_when_no_cassette = false
+  config.ignore_localhost = true # ignore local API calls
 end

spec/support/firebase_helper.rb

@@ -0,0 +1,46 @@
+module FirebaseHelper
+  def firebase_users
+    firebase_client.get('users_authenticated')
+  end
+
+  def firebase_find_users(email)
+    if firebase_users && firebase_users.body.present?
+      firebase_users.body.values.select {|u| u['email'] == email}
+    end
+  end
+
+  def firebase_user_emails
+    firebase_users.body.values.map {|u| u['email']} if firebase_users && firebase_users.body.present?
+  end
+
+  def add_confirmed_user_to_firebase(email, token=nil)
+    user_params = {
+      email: email,
+      confirmated: true,
+      created: Date.today,
+      priority: 1,
+      token: token || 'lmno1234'
+    }
+    firebase_client.push('users_authenticated', user_params)
+    user_params
+  end
+
+  def add_unconfirmed_user_to_firebase(email, token=nil)
+    user_params = {
+      email: email,
+      confirmated: false,
+      created: Date.today,
+      priority: 1,
+      token: token || 'abcd9876'
+    }
+    firebase_client.push('users_authenticated', user_params)
+    user_params
+  end
+
+  def firebase_client
+    Firebase::Client.new(
+      Rails.application.secrets.secret_url_fire_base,
+      Rails.application.secrets.secret_key_fire_base
+    )
+  end
+end