summaryrefslogtreecommitdiff
path: root/test/functional
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-05-01 10:45:57 +0200
committerAzul <azul@leap.se>2014-05-26 09:58:40 +0200
commit5764daae090227bf4c5967900b708392c967be47 (patch)
treed611429113b8b0ebc363f8b0333c6896a41c7ced /test/functional
parent0f686b1256b4190522bcb101ba06cd2c7406eb36 (diff)
hash token with sha512 against timing attacs #3398
Diffstat (limited to 'test/functional')
-rw-r--r--test/functional/test_helpers_test.rb2
-rw-r--r--test/functional/v1/sessions_controller_test.rb2
2 files changed, 2 insertions, 2 deletions
diff --git a/test/functional/test_helpers_test.rb b/test/functional/test_helpers_test.rb
index 845e516..ca85482 100644
--- a/test/functional/test_helpers_test.rb
+++ b/test/functional/test_helpers_test.rb
@@ -27,7 +27,7 @@ class TestHelpersTest < ActionController::TestCase
def test_login_adds_token_header
login
token_present = @controller.authenticate_with_http_token do |token, options|
- assert_equal @token.id, token
+ assert_equal @token.to_s, token
end
# authenticate_with_http_token just returns nil and does not
# execute the block if there is no token. So we have to also
diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb
index df0d681..8bb6acd 100644
--- a/test/functional/v1/sessions_controller_test.rb
+++ b/test/functional/v1/sessions_controller_test.rb
@@ -48,7 +48,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
assert_response :success
assert json_response.keys.include?("id")
assert json_response.keys.include?("token")
- assert token = Token.find(json_response['token'])
+ assert token = Token.find_by_token(json_response['token'])
assert_equal @user.id, token.user_id
end