From 3091c6dff67abc1763ec824d26adfb655f0be66e Mon Sep 17 00:00:00 2001
From: Jonathan Cremin <jonathan@crem.in>
Date: Sat, 22 Aug 2015 23:19:20 +0100
Subject: [PATCH] Fix failing image and login tests

---
 test/web/file.spec.js |  9 +++++++--
 test/web/user.spec.js | 28 ++++++++++++++++++----------
 2 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/test/web/file.spec.js b/test/web/file.spec.js
index a3e52dc..cdd1c4d 100644
--- a/test/web/file.spec.js
+++ b/test/web/file.spec.js
@@ -1,4 +1,5 @@
 import assert from 'assert';
+import gm from 'gm';
 import { agent } from 'supertest';
 import app from '../../app';
 
@@ -45,7 +46,9 @@ describe('hostr-web file', function() {
         .expect(200)
         .expect('Content-type', 'image/jpeg')
         .expect(function(response) {
-          assert(response.body.length === 3658);
+          gm(response.body).size((err, size) => {
+            assert(size.width === 150);
+          });
         })
         .end(done);
     });
@@ -58,7 +61,9 @@ describe('hostr-web file', function() {
         .expect(200)
         .expect('Content-type', 'image/jpeg')
         .expect(function(response) {
-          assert(response.body.length === 79091);
+          gm(response.body).size((err, size) => {
+            assert(size.width === 970);
+          });
         })
         .end(done);
     });
diff --git a/test/web/user.spec.js b/test/web/user.spec.js
index f7840bc..6b2fc6d 100644
--- a/test/web/user.spec.js
+++ b/test/web/user.spec.js
@@ -6,21 +6,29 @@ const request = agent(app.listen());
 describe('hostr-web user', function() {
   describe('when POST /signin with invalid credentials', function() {
     it('should not redirect to /', function(done) {
-      request
-        .post('/signin')
-        .send({'email': 'test@hostr.co', 'password': 'test-passworddeded'})
-        .expect(200, done);
+      request.get('/signin').end(function(err, response) {
+        const match = response.text.match(/name="_csrf" value="([^"]+)"/);
+        const csrf = match[1];
+        request
+          .post('/signin')
+          .send({'email': 'test@hostr.co', 'password': 'test-passworddeded', '_csrf': csrf})
+          .expect(200, done);
+      });
     });
   });
 
   describe('when POST /signin with valid credentials', function() {
     it('should redirect to /', function(done) {
-      request
-        .post('/signin')
-        .send({'email': 'test@hostr.co', 'password': 'test-password'})
-        .expect(302)
-        .expect('Location', '/')
-        .end(done);
+      request.get('/signin').end(function(err, response) {
+        const match = response.text.match(/name="_csrf" value="([^"]+)"/);
+        const csrf = match[1];
+        request
+          .post('/signin')
+          .send({'email': 'test@hostr.co', 'password': 'test-password', '_csrf': csrf})
+          .expect(302)
+          .expect('Location', '/')
+          .end(done);
+      });
     });
   });
 });