Agent-Skills.md

Agent Skills: Test Authentication Helpers Pattern

Implement authentication testing patterns with RSpec, FactoryBot, and test helpers for Rails applications. Use when writing controller specs, system tests, or request specs that require authenticated users and multi-tenant account context.

UncategorizedID: rbarazi/agent-skills/test-auth-helpers

Repository

rbarazi/agent-skills
rbarazi

Install this agent skill to your local

pnpm dlx add-skill https://github.com/rbarazi/agent-skills/tree/HEAD/skills/test-auth-helpers

Skill Files

Browse the full folder contents for test-auth-helpers.

Download Skill

Loading file tree…

skills/test-auth-helpers/SKILL.md

Skill Metadata

Name
test-auth-helpers
Description
Implement authentication testing patterns with RSpec, FactoryBot, and test helpers for Rails applications. Use when writing controller specs, system tests, or request specs that require authenticated users and multi-tenant account context.

Test Authentication Helpers Pattern

Testing patterns for authentication in Rails applications using RSpec and FactoryBot.

When to Use

  • Writing controller specs with authenticated users
  • Creating system tests with login flows
  • Building request specs with session authentication
  • Testing multi-tenant account scoping

Quick Start

1. Authentication Helper Module

# spec/support/authentication_helpers.rb
module AuthenticationHelpers
  # For controller and request specs
  def setup_authenticated_user(user = nil)
    account = create(:account)
    user ||= create(:user, account: account)
    session = create(:session, user: user)

    if respond_to?(:cookies)
      cookies.signed[:session_id] = session.id
    end

    [account, user, session]
  end

  # For system tests - performs actual login
  def login_user(user)
    visit new_session_path
    fill_in I18n.t('sessions.form.email'), with: user.email_address
    fill_in I18n.t('sessions.form.password'), with: "password"
    click_button I18n.t('sessions.form.sign_in')
    expect(page).not_to have_current_path(new_session_path, wait: 10)
  end

  # For API specs with Bearer token
  def auth_headers_for(user)
    session = create(:session, user: user)
    { "Authorization" => "Bearer #{session.id}" }
  end
end

RSpec.configure do |config|
  config.include AuthenticationHelpers
end

2. Usage in Controller Specs

RSpec.describe AgentsController, type: :controller do
  let(:account) { create(:account) }
  let(:user) { create(:user, account: account) }

  before { setup_authenticated_user(user) }

  it 'returns success' do
    get :index
    expect(response).to be_successful
  end
end

3. Usage in System Tests

RSpec.describe 'Agent Management', type: :system, js: true do
  let(:account) { create(:account) }
  let(:user) { create(:user, account: account) }

  before { login_user(user) }

  it 'shows agents page' do
    visit agents_path
    expect(page).to have_content(I18n.t('agents.index.title'))
  end
end

Key Patterns

  • Controller specs: Use setup_authenticated_user with cookie injection
  • System tests: Use login_user with actual form submission
  • API specs: Use auth_headers_for with Bearer token
  • Always use I18n: Never hardcode button/label text

Reference Files

For complete implementation details: