Tammer Saleh

I’m really loving Authlogic for user authentication, but at times the magic can be a bit confusing. One bit that caught me was that creating a new user also logs that user in. So tests like this:

context "a guest user who's not logged in" do
  setup { @guest = Factory(:user) }

  context "on GET to /private" do
    setup { get :private }
    should_be_denied
  end
end

Totally fail, as the user is automagically logged in behind the scenes. In the interest of saving another kind developer from hours of hair pulling, the solution lies in the skip_session_maintenance accessor. By setting this to true in your factory definition, you can convince Authlogic to be a little more predictable:

Factory.define :user do |f|
  f.name "Bob"
  # This stops authlogic from logging this new user in.
  f.skip_session_maintenance true
  # ...
end

Many thanks to Wilson Bilkovich for the answer to this little conundrum.