authorAzul <azul@leap.se>2013-08-26 10:59:18 +0200
committerAzul <azul@leap.se>2013-08-27 14:57:44 +0200
commit7ad6d054d72d3c76098f689e4e7890265a3604c8 (patch)
tree4f7b0bb9cb442de3a50dd70d1feedf72d65673b5
parent53a8481e1b2307c772220293a9a4e1cc939b7e07 (diff)
first steps towards enabling token based auth
-rw-r--r--users/app/controllers/controller_extension/authentication.rb4
-rw-r--r--users/app/controllers/controller_extension/token_authentication.rb12
-rw-r--r--users/config/initializers/add_controller_methods.rb1
-rw-r--r--users/test/functional/v1/sessions_controller_test.rb17
4 files changed, 31 insertions, 3 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 1b17589..dca3664 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,6 +7,10 @@ module ControllerExtension::Authentication
helper_method :current_user, :logged_in?, :admin?
end
+ def current_user
+ @current_user ||= token_authenticate || warden.user
+ end
+
def logged_in?
!!current_user
end
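Review bot: `@current_user ||= token_authenticate || warden.user` does not memoize a nil result, so on an unauthenticated request every call to current_user (directly, through `logged_in?`, or through the `helper_method` exports) runs token_authenticate again. Because token_authenticate is tried before `warden.user`, any lookup or response side effect it has is repeated on each of those calls. Consider `return @current_user if defined?(@current_user)` followed by `@current_user = token_authenticate || warden.user`, so the lookup runs once per request. The module body starts and ends outside this hunk.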
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
new file mode 100644
index 0000000..71dbc50
--- /dev/null
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -0,0 +1,12 @@
+module ControllerExtension::TokenAuthentication
+ extend ActiveSupport::Concern
+
+ def token_authenticate
+ token = nil
+ authenticate_or_request_with_http_token do |token, options|
+ token = Token.find(token)
+ end
+ User.find(token.user_id) if token
+ end
+end
+
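Review bot: The block parameter `token` in `authenticate_or_request_with_http_token do |token, options|` shadows the outer `token` local on Ruby 1.9 and later, so the assignment inside the block never reaches the outer variable. `User.find(token.user_id) if token` therefore always sees nil, and token_authenticate never returns a user. The `authenticate_or_request_*` variant also answers with a 401 challenge when no valid token is supplied; since current_user calls this method first, that would hit requests that are meant to fall through to the warden session. Returning the user from an `authenticate_with_http_token` block, as sketched below, avoids both problems. Whether `Token.find` returns nil or raises for an unknown id, and whether tokens expire, is not visible here and should be confirmed.

```ruby
  def token_authenticate
    # authenticate_with_http_token returns the block's value and sends no challenge
    authenticate_with_http_token do |token_id, _options|
      token = Token.find(token_id)
      User.find(token.user_id) if token
    end
  end
```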
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
index 2579176..f572ecb 100644
--- a/users/config/initializers/add_controller_methods.rb
+++ b/users/config/initializers/add_controller_methods.rb
@@ -1,3 +1,4 @@
ActiveSupport.on_load(:application_controller) do
include ControllerExtension::Authentication
+ include ControllerExtension::TokenAuthentication
end
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 0c4e325..8a16997 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -7,7 +7,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
setup do
@request.env['HTTP_HOST'] = 'api.lvh.me'
- @user = stub_record :user
+ @user = stub_record :user, {}, true
@client_hex = 'a123'
end
@@ -48,13 +48,24 @@ class V1::SessionsControllerTest < ActionController::TestCase
assert_response :success
assert json_response.keys.include?("id")
assert json_response.keys.include?("token")
+ assert token = Token.find(json_response['token'])
+ assert_equal @user.id, token.user_id
end
test "logout should reset warden user" do
expect_warden_logout
delete :destroy
- assert_response :redirect
- assert_redirected_to root_url
+ assert_response 204
+ end
+
+ test "logout should remove token" do
+ login
+ expect_warden_logout
+ skip "TODO: implement token removal"
+ assert_difference "Token.count", -1 do
+ delete :destroy
+ assert_response 204
+ end
end
def expect_warden_logout
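Review bot: In "logout should remove token" the `skip` call sits before `assert_difference "Token.count", -1`, so the revocation check never runs, and the TODO says removal is not implemented yet. Until it is, a token issued at login presumably stays usable after `delete :destroy`, which should be documented in the test, for example `# SECURITY: tokens outlive logout until removal lands (tracking issue: <placeholder>)`. Nothing in this hunk sends a request with an `Authorization: Token token="..."` header, so the new token_authenticate path has no coverage; a test asserting that such a request resolves to `@user` would be worth adding. The definition of expect_warden_logout continues outside the hunk.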