diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index c73872d10af76f0be812b64b48bc6d970117b573..0d4a31b160a9ab49e118021f63c40b5d4a66c28c 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -242,11 +242,11 @@ describe UsersController, :type => :controller do
       expect(assigns[:email_prefs]['mentioned']).to be false
     end
 
-    it 'does allow token auth' do
+    it "does not allow token auth" do
       sign_out :user
       bob.reset_authentication_token!
       get :edit, :auth_token => bob.authentication_token
-      expect(response.status).to eq(200)
+      expect(response).to redirect_to new_user_session_path
     end
   end