I was writing an rspec test for the destroy action of my sessions controller (Authlogic 2.1.6). I can't puzzle out what method I should call, either on the user object or the session object to determine whether the session is still "alive" (that is, that the user is or is not logged in).
My first instinct was to use @user.logged_in? but I learned that that won't work because logged_in makes its determination based on the session timeout, rather than the state of the session object.
Here is the code I wrote that doesn't work, because be_logged_in returns true in both cases.
describe "for logged in user" do
it "should logout the user" do
activate_authlogic
@user = Factory.create(:valid_user)
@session = UserSession.create(@user)
@user.should be_logged_in
delete :destroy
@user.should_not be_logged_in
response.should redirect_to(root_path)
end
end
end
What should I use instead of 'be_logged_in'? I spent some time playing in the debugger looking at the methods attached to the session and the user and none of them jumped out at me as being useful for what I'm wanting here.