diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index c73872d10..0d4a31b16 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -242,11 +242,11 @@ describe UsersController, :type => :controller do
       expect(assigns[:email_prefs]['mentioned']).to be false
     end
 
-    it 'does allow token auth' do
+    it "does not allow token auth" do
       sign_out :user
       bob.reset_authentication_token!
       get :edit, :auth_token => bob.authentication_token
-      expect(response.status).to eq(200)
+      expect(response).to redirect_to new_user_session_path
     end
   end