Optimized login form - delegated CSRF token creation to thymeleaf
Also added additional test to verify behaviour. Fixes gh-1039
This commit is contained in:
@@ -69,6 +69,18 @@ public class SampleSecureApplicationTests {
|
||||
entity.getHeaders().getLocation().toString().endsWith(port + "/login"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLoginPage() throws Exception {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setAccept(Arrays.asList(MediaType.TEXT_HTML));
|
||||
ResponseEntity<String> entity = new TestRestTemplate().exchange(
|
||||
"http://localhost:" + this.port + "/login", HttpMethod.GET, new HttpEntity<Void>(
|
||||
headers), String.class);
|
||||
assertEquals(HttpStatus.OK, entity.getStatusCode());
|
||||
assertTrue("Wrong content:\n" + entity.getBody(),
|
||||
entity.getBody().contains("_csrf"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testLogin() throws Exception {
|
||||
HttpHeaders headers = getHeaders();
|
||||
|
||||
Reference in New Issue
Block a user