@Test
public void validLoginWithEmailAddress() throws Exception {
CreateUserRequest request = getDefaultCreateUserRequest();
ExternalUser createdUser = userService.createUser(request, Role.authenticated);
String sessionToken = createdUser.getSessions().get(0).getSessionToken();
LoginRequest loginRequest = new LoginRequest();
loginRequest.setUsername(request.getUser().getEmailAddress());
loginRequest.setPassword(request.getPassword().getPassword());
ExternalUser loggedInUser = userService.login(loginRequest);
assertThat(loggedInUser.getId().toString(), is(createdUser.getId().toString()));
assertThat(loggedInUser.getSessions().get(0), is(notNullValue()));
// check that a new token was issued
assertThat(loggedInUser.getSessions().get(0).getSessionToken(), is(not(sessionToken)));
assertThat(loggedInUser.isVerified(), is(false));
}
