Merge pull request #163 from azul/feature/3398-save-hashed-token

hash token with sha512 against timing attacs #3398

2 files changed, 2 insertions, 2 deletions

diff --git a/test/functional/test_helpers_test.rb b/test/functional/test_helpers_test.rb
index 845e516..ca85482 100644
--- a/test/functional/test_helpers_test.rb
+++ b/test/functional/test_helpers_test.rb
@@ -27,7 +27,7 @@ class TestHelpersTest < ActionController::TestCase
   def test_login_adds_token_header
     login
     token_present = @controller.authenticate_with_http_token do |token, options|
-      assert_equal @token.id, token
+      assert_equal @token.to_s, token
     end
     # authenticate_with_http_token just returns nil and does not
     # execute the block if there is no token. So we have to also
diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb
index df0d681..8bb6acd 100644
--- a/test/functional/v1/sessions_controller_test.rb
+++ b/test/functional/v1/sessions_controller_test.rb
@@ -48,7 +48,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
     assert_response :success
     assert json_response.keys.include?("id")
     assert json_response.keys.include?("token")
-    assert token = Token.find(json_response['token'])
+    assert token = Token.find_by_token(json_response['token'])
     assert_equal @user.id, token.user_id
   end