@Test public void validLoginWithEmailAddress() throws Exception { CreateUserRequest request = getDefaultCreateUserRequest(); ExternalUser createdUser = userService.createUser(request, Role.authenticated); String sessionToken = createdUser.getSessions().get(0).getSessionToken(); LoginRequest loginRequest = new LoginRequest(); loginRequest.setUsername(request.getUser().getEmailAddress()); loginRequest.setPassword(request.getPassword().getPassword()); ExternalUser loggedInUser = userService.login(loginRequest); assertThat(loggedInUser.getId().toString(), is(createdUser.getId().toString())); assertThat(loggedInUser.getSessions().get(0), is(notNullValue())); // check that a new token was issued assertThat(loggedInUser.getSessions().get(0).getSessionToken(), is(not(sessionToken))); assertThat(loggedInUser.isVerified(), is(false)); }