From b3bae29d537655475bf6731cab9cb78acaee520a Mon Sep 17 00:00:00 2001
From: Josh Graber <jgraber@covermymeds.com>
Date: Mon, 13 Jun 2016 13:56:18 -0400
Subject: [PATCH 1/3] Implemented login steps

Added capybara and expectations for login feature.
---
 Gemfile.lock                             | 14 ++++++++++++++
 features/login.feature                   |  2 +-
 features/step_definitions/login_steps.rb | 12 ++++++------
 3 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index da8b141..7bbfbc8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -40,10 +40,19 @@ GEM
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
+    rspec (3.1.0)
+      rspec-core (~> 3.1.0)
+      rspec-expectations (~> 3.1.0)
+      rspec-mocks (~> 3.1.0)
+    rspec-core (3.1.7)
+      rspec-support (~> 3.1.0)
     rspec-expectations (3.1.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.1.0)
+    rspec-mocks (3.1.3)
+      rspec-support (~> 3.1.0)
     rspec-support (3.1.2)
+    sass (3.4.22)
     sinatra (1.4.5)
       rack (~> 1.4)
       rack-protection (~> 1.4)
@@ -66,5 +75,10 @@ DEPENDENCIES
   cucumber-sinatra
   haml
   pry
+  rspec
   rspec-expectations
+  sass
   sinatra
+
+BUNDLED WITH
+   1.12.5
diff --git a/features/login.feature b/features/login.feature
index 3fff7cf..a0bf458 100644
--- a/features/login.feature
+++ b/features/login.feature
@@ -7,4 +7,4 @@ Feature: Login Page
     Given the login page
     When I log in with proper credentials
     Then I should see the secret page
-    
+
diff --git a/features/step_definitions/login_steps.rb b/features/step_definitions/login_steps.rb
index 61f803a..f2bd343 100644
--- a/features/step_definitions/login_steps.rb
+++ b/features/step_definitions/login_steps.rb
@@ -1,14 +1,14 @@
 Given(/^the login page$/) do
-  #put your code here
-  pending
+  visit('/')
 end
 
 When(/^I log in with proper credentials$/) do
-  #put your code here
-  pending
+  fill_in 'username', :with => 'my_user'
+  fill_in 'password', :with => 'my_user'
+  click_button 'Login'
 end
 
 Then(/^I should see the secret page$/) do
-  #put your code here
-  pending
+  expect(page).to have_content 'This is the secret page.'
+  expect(page).to have_content 'Your username is my_user'
 end

From 82438402bdeaf182ba861df291d27fc54a0f0961 Mon Sep 17 00:00:00 2001
From: Josh Graber <jgraber@covermymeds.com>
Date: Mon, 13 Jun 2016 14:31:42 -0400
Subject: [PATCH 2/3] Implement logout feature

Added gherkin for logout proving that when user logs out they are redirected to the index and can't go to the dashboard any more.
---
 features/logout.feature                   | 13 ++++++++++-
 features/step_definitions/logout_steps.rb | 27 ++++++++++++++++++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/features/logout.feature b/features/logout.feature
index 251c445..c394e91 100644
--- a/features/logout.feature
+++ b/features/logout.feature
@@ -1 +1,12 @@
-#Add your codez here
+Feature: Logout Page
+  In order to lock the page when we are finished
+  As a user
+  I want get redirected back to the login page after logging out
+    and not be able to return to the secret page
+
+  Scenario: Logout User
+    Given I am logged in
+    And I am on my dashboard
+    When I click log out
+    Then I should see the index page
+    And I should not have access to the secret page
diff --git a/features/step_definitions/logout_steps.rb b/features/step_definitions/logout_steps.rb
index 251c445..3420e3d 100644
--- a/features/step_definitions/logout_steps.rb
+++ b/features/step_definitions/logout_steps.rb
@@ -1 +1,26 @@
-#Add your codez here
+Given /^I am logged in$/ do
+  visit '/'
+  fill_in 'username', :with => 'Me'
+  fill_in 'password', :with => 'Me'
+  click_button 'Login'
+end
+
+Given /^I am on my dashboard$/ do
+  visit '/dashboard'
+end
+
+When /^I click log out$/ do
+  visit '/logout'
+end
+
+Then /^I should see the index page$/ do
+  expect(page).to have_content 'This is login page for users.'
+end
+
+Then /^I should not have access to the secret page$/ do
+  visit '/dashboard'
+
+  expect(page).to have_content 'This is login page for users.'
+  expect(current_path).to eq '/'
+end
+

From f7363a0a78e89c725196a737d7b028491df9f788 Mon Sep 17 00:00:00 2001
From: Josh Graber <jgraber@covermymeds.com>
Date: Mon, 13 Jun 2016 14:32:02 -0400
Subject: [PATCH 3/3] Protect dashboard

Dashboard page is no longer visible when user is not logged in.
---
 app.rb | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/app.rb b/app.rb
index 670284d..1449822 100644
--- a/app.rb
+++ b/app.rb
@@ -31,7 +31,11 @@ def logged_in?
   end
 
   get "/dashboard" do
-    @username = session[:user]
-    haml :dashboard
+    if logged_in? then
+      @username = session[:user]
+      haml :dashboard
+    else
+      redirect to '/'
+    end
   end
 end