[WIP] fix unit tests

README.md

@@ -12,7 +12,7 @@ Start the backend services locally in docker, using the Pay CLI.
 ```bash
 pay local up --cluster admin
 ```
- 
+
 Generate the environment variables file. This only needs to be done the first time you run locally.
 
 ```bash
@@ -43,95 +43,57 @@ npm run dev
 Open the application in browser: 
 - http://127.0.0.1:3000
 
-You'll probably want to create a user in order to use the app:
-
-```bash
-pay local user
-```
-
-Copy the generated username, password and OTP token, if you need to regenerate the token at any time you can run 
-```bash
-pay local otp YOUR_TOKEN_HERE
-```
-
-##### Log output
-When using Docker, you can view log out with the following command:
-```
-docker logs -f selfservice
-```
-
-#### Debug using Visual Studio Code
-* You need to make sure the app runs locally first using the steps in the [Running](#running) section.
-* In VSCode, go to the `Debug` view (on MacOS, use shortcut `CMD + shift + D`).
-* From the **Run** toolbar, select the launch config `Self Service`.
-* Add breakpoints to any file you want to debug - click in the left hand column and a red dot will appear.
-* Press The `green play` button (`F5` MacOS):
-    * This will run the app in debug mode.
-    * Uses `nodemon` so it will automatically restart on code changes.
-
 #### Watching for changes
 
-You shouldn’t need to restart the app to see changes you make.
-
-We use [nodemon](https://github.com/remy/nodemon) which watches for changes to files and restarts the node process.
+The local development server (`npm run dev`) will watch for any changes to files in the `src` directory and rebuild the bundles automatically.
 
-If you’re making changes to client-side JS or Sass files (anything within [`/browsered/`](https://github.com/alphagov/pay-selfservice/tree/BAU-update-README-to-explain-livereload/app/browsered) or [`/assets/`](https://github.com/alphagov/pay-selfservice/tree/BAU-update-README-to-explain-livereload/app/assets)) then running `npm run watch-live-reload` will watch for changes and recompile. Nodemon does not do anything here as that’s not necessary. If you install the [livereload browser plugin](http://livereload.com/extensions/) then it will refresh your page once the assets have been compiled to the `/public` folder.
+Any changes to the server code will restart the app, changes to client side assets (SCSS/JS) and Nunjucks views will be reloaded automatically without a restart.
 
-## Running tests
+### Running via Pay CLI
 
-#### To run mocha tests
-```
-npm run compile && npm test
+```bash
+pay local up --cluster admin --mount-local-node-apps --local selfservice
 ```
-#### Debug tests using Visual Studio Code
+This command will watch changes in your workspace and rebuild them in a Pay CLI managed `selfservice` task
 
-##### IMPORTANT NOTE - some tests do not work in debug mode
-* Some integration tests do not work in debug mode.  This is because the tests are dependent on other tests running before hand.
-* Nevertheless, it is still useful to debug tests that do work in debug mode.
-
-##### Run tests in debug mode
-* In VSCode, go to the `Debug` view (on MacOS, use shortcut `CMD + shift + D`).
-* From the **Run** toolbar, select the launch config you want to run:
-  * `Mocha All` - runs all tests.
-  * `Mocha Current File` - only run currently open test file.
-* Add breakpoints to any file you want to debug - click in the left hand column and a red dot will appear.
-* Press The `green play` button or `F5`.
+## Running tests
 
-#### To run cypress tests
+#### To run tests
 
-Run in two separate terminals:
-1. `npm run cypress:server`
+```bash
+npm run test
+```
+This command will run all [mocha](https://mochajs.org/) test suites matching the glob pattern `*.test.js`
 
-    _This runs both the Cypress server and @govuk-pay/run-amock which is the mock server used for stubbing out external API calls.
+To run Cypress tests start the server in a separate terminal
 
-2. Either:
-- `npm run cypress:test` to run headless 
-- `npm run cypress:test-headed` to run headed
-- `npm run cypress:test-no-watch` to run headed with auto-running of tests when the test file is edited turned off
+```bash
+npm run cypress:server
+```
+
+_This runs both the Cypress server and @govuk-pay/run-amock which is the mock server used for stubbing out external API calls._
 
-Selecting headed tests, with  `npm run cypress:test-headed`, will open a Cypress application window. 
-Follow the instructions and when you have to choose mode, select `E2E Testing` and then select a browser, and then `Start E2E Testing in {browser}`.
-You will then be able to click on individual specs and see the tests running in the UI.
+You can run Cypress tests headless or in a locally installed browser
 
+```bash
+npm run cypress:test
+npm run cypress:test-headed
+```
 
 ## Key environment variables
 
-| Variable                    | required | default value | Description                               |
-| --------------------------- |:--------:|:-------------:| ----------------------------------------- |
-| BIND_HOST                   |   | 127.0.0.1 | The IP address for the application to bind to |
-| PORT                        | X | 9200 | The port number for the express server to be bound at runtime |
-| SESSION_ENCRYPTION_KEY      | X |      | Key to be used by the cookie encryption algorithm. Should be a large unguessable string ([More Info](https://www.npmjs.com/package/client-sessions)).  |
-| PUBLIC_AUTH_URL             | X |      | The publicauth endpoint to use when API Tokens. |
-| PUBLIC_AUTH_URL             | X |      | The endpoint to connector base URL. |
-| DISABLE_INTERNAL_HTTPS      |   | false/undefined | To switch off generating secure cookies. Set this to `true` only if you are running self service in a `non HTTPS` environment. |
-| HTTP_PROXY_ENABLED          |   | false/undefined | To enable proxying outbound traffic of HTTP(S) requests. If set to `true` make sure to set the following 3 variables |
-| HTTP_PROXY                  |   |      | HTTP proxy url |
-| HTTPS_PROXY                 |   |      | HTTPS proxy url |
-| NO_PROXY                    |   |      | host:port(s) that need to be by passed by the proxy. Supports comma separated list |
-
-## Architecture Decision Records
-
-We use [Architecture Decision Records](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions) to keep track of the history of software design decisions on this application. Please see [docs/arch](docs/arch/).
+| Variable               | required |  default value  | Description                                                                                                                                           |
+|------------------------|:--------:|:---------------:|-------------------------------------------------------------------------------------------------------------------------------------------------------|
+| BIND_HOST              |          |    127.0.0.1    | The IP address for the application to bind to                                                                                                         |
+| PORT                   |    X     |      9200       | The port number for the express server to be bound at runtime                                                                                         |
+| SESSION_ENCRYPTION_KEY |    X     |                 | Key to be used by the cookie encryption algorithm. Should be a large unguessable string ([More Info](https://www.npmjs.com/package/client-sessions)). |
+| PUBLIC_AUTH_URL        |    X     |                 | The publicauth endpoint to use when API Tokens.                                                                                                       |
+| PUBLIC_AUTH_URL        |    X     |                 | The endpoint to connector base URL.                                                                                                                   |
+| DISABLE_INTERNAL_HTTPS |          | false/undefined | To switch off generating secure cookies. Set this to `true` only if you are running self service in a `non HTTPS` environment.                        |
+| HTTP_PROXY_ENABLED     |          | false/undefined | To enable proxying outbound traffic of HTTP(S) requests. If set to `true` make sure to set the following 3 variables                                  |
+| HTTP_PROXY             |          |                 | HTTP proxy url                                                                                                                                        |
+| HTTPS_PROXY            |          |                 | HTTPS proxy url                                                                                                                                       |
+| NO_PROXY               |          |                 | host:port(s) that need to be by passed by the proxy. Supports comma separated list                                                                    |
 
 ## Licence
 

package.json

@@ -46,7 +46,6 @@
     "cypress:server": "run-amock --port=8000 | node --inspect -r dotenv/config dist/application.js dotenv_config_path=test/cypress/test.env",
     "cypress:test": "cypress run",
     "cypress:test-headed": "cypress open",
-    "cypress:test-no-watch": "cypress open --config watchForFileChanges=false",
     "publish-pacts": "./bin/publish-pacts.js"
   },
   "lint-staged": {

test/integration/login.controller.ft.test.js

@@ -266,22 +266,22 @@ describe('login post endpoint', function () {
     done()
   })
 
-  it('should display an error if csrf token does not exist for the login post', function (done) {
+  it('should redirect to logout if csrf token does not exist for the login post', function (done) {
     request(getApp())
       .post(paths.user.logIn)
       .set('Accept', 'application/json')
       .set('Content-Type', 'application/x-www-form-urlencoded')
       .send({})
       .expect(res => {
-        expect(res.status).to.equal(400)
-        expect(res.body.message).to.equal('There is a problem with the payments platform. Please contact the support team')
+        expect(res.status).to.equal(302)
+        expect('Location', paths.user.logOut)
       })
       .end(done)
   })
 })
 
 describe('otp login post endpoint', function () {
-  it('should display an error if csrf token does not exist for the login post', function (done) {
+  it('should redirect to logout if csrf token does not exist for the otp login post', function (done) {
     const user = mockSession.getUser()
     const session = mockSession.getMockSession(user)
     delete session.csrfSecret
@@ -294,15 +294,15 @@ describe('otp login post endpoint', function () {
       .set('Content-Type', 'application/x-www-form-urlencoded')
       .send({ code: notp.totp.gen('12345') })
       .expect(res => {
-        expect(res.status).to.equal(400)
-        expect(res.body.message).to.equal('There is a problem with the payments platform. Please contact the support team')
+        expect(res.status).to.equal(302)
+        expect('Location', paths.user.logOut)
       })
       .end(done)
   })
 })
 
 describe('otp send again post endpoint', function () {
-  it('should display an error if csrf token does not exist for the send again post', function (done) {
+  it('should redirect to logout if csrf token does not exist for the send again post', function (done) {
     const user = mockSession.getUser()
     const session = mockSession.getMockSession(user)
     delete session.csrfSecret
@@ -315,8 +315,8 @@ describe('otp send again post endpoint', function () {
       .set('Content-Type', 'application/x-www-form-urlencoded')
       .send({})
       .expect(res => {
-        expect(res.status).to.equal(400)
-        expect(res.body.message).to.equal('There is a problem with the payments platform. Please contact the support team')
+        expect(res.status).to.equal(302)
+        expect('Location', paths.user.logOut)
       })
       .end(done)
   })