serve api version 1 in /1/

Just a very simple start for now.

Do we want to use the api for the secure remote password auth from js?

5 files changed, 50 insertions, 4 deletions

diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
new file mode 100644
index 0000000..5b4a13b
--- /dev/null
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -0,0 +1,28 @@
+module V1
+  class SessionsController < ApplicationController
+
+    skip_before_filter :verify_authenticity_token
+
+    def new
+      @session = Session.new
+      if authentication_errors
+        @errors = authentication_errors
+        render :status => 422
+      end
+    end
+
+    def create
+      authenticate!
+    end
+
+    def update
+      authenticate!
+      render :json => session.delete(:handshake)
+    end
+
+    def destroy
+      logout
+      redirect_to root_path
+    end
+  end
+end
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
new file mode 100644
index 0000000..eda2fad
--- /dev/null
+++ b/users/app/controllers/v1/users_controller.rb
@@ -0,0 +1,13 @@
+module V1
+  class UsersController < ApplicationController
+
+    skip_before_filter :verify_authenticity_token, :only => [:create]
+
+    respond_to :json
+
+    def create
+      @user = User.create(params[:user])
+      respond_with @user
+    end
+  end
+end
diff --git a/users/config/routes.rb b/users/config/routes.rb
index 1d144b4..6de216f 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -1,5 +1,10 @@
 Rails.application.routes.draw do
 
+  scope "/1", :module => "V1", defaults: {format: 'json'} do
+    resources :sessions, :only => [:new, :create, :update, :destroy]
+    resources :users, :only => [:create]
+  end
+
   get "login" => "sessions#new", :as => "login"
   get "logout" => "sessions#destroy", :as => "logout"
   resources :sessions, :only => [:new, :create, :update, :destroy]
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index add12fe..e425c35 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -26,7 +26,7 @@ class AccountFlowTest < ActiveSupport::TestCase
       :password_verifier => @srp.verifier.to_s(16),
       :password_salt => @srp.salt.to_s(16)
     }
-    post '/users.json', :user => @user_params
+    post '/1/users.json', :user => @user_params
     @user = User.find_by_param(@login)
   end
 
@@ -36,7 +36,7 @@ class AccountFlowTest < ActiveSupport::TestCase
 
   # this test wraps the api and implements the interface the ruby-srp client.
   def handshake(login, aa)
-    post "/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
+    post "/1/sessions.json", :login => login, 'A' => aa.to_s(16), :format => :json
     response = JSON.parse(last_response.body)
     if response['errors']
       raise RECORD_NOT_FOUND.new(response['errors'])
@@ -46,7 +46,7 @@ class AccountFlowTest < ActiveSupport::TestCase
   end
 
   def validate(m)
-    put "/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
+    put "/1/sessions/" + @login + '.json', :client_auth => m.to_s(16), :format => :json
     return JSON.parse(last_response.body)
   end
 
diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
index b599252..f28aeda 100755
--- a/users/test/integration/api/python/flow_with_srp.py
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -16,7 +16,7 @@ def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
   return ''.join(random.choice(chars) for x in range(size))
 
 # using globals for a start
-server = 'http://springbok.leap.se/1/'
+server = 'http://localhost:3000/1'
 login = id_generator()
 password = id_generator() + id_generator()