api for sessions fixed

* now we return the user id on login * allow a destroy request for logging out * added test for api sessions controller
author: Azul <azul@leap.se> 2013-02-26 11:42:19 +0100
committer: Azul <azul@leap.se> 2013-02-26 11:45:56 +0100
commit: 4a92bab4d8c231a17a14afc81c391f9a1f91c063 (patch)
tree: b877619594eac3ef37abc25df2586e0f9f6fe1f9 /users/app/controllers
parent: 389ddf51ef854c6cfa9541c717c857a8563766e4 (diff)
2 files changed, 9 insertions, 3 deletions
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 0345fbd..01ecff6 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -1,7 +1,5 @@
 class SessionsController < ApplicationController
 
-  skip_before_filter :verify_authenticity_token
-
   def new
     @session = Session.new
     if authentication_errors
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 27d10fb..0551ca9 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -18,12 +18,20 @@ module V1
 
     def update
       authenticate!
-      render :json => session.delete(:handshake)
+      render :json => login_response
     end
 
     def destroy
       logout
       redirect_to root_path
     end
+
+    protected
+
+    def login_response
+      handshake = session.delete(:handshake)
+      handshake.to_hash.merge(:id => current_user.id)
+    end
+
   end
 end
author	Azul <azul@leap.se>	2013-02-26 11:42:19 +0100
committer	Azul <azul@leap.se>	2013-02-26 11:45:56 +0100
commit	4a92bab4d8c231a17a14afc81c391f9a1f91c063 (patch)
tree	b877619594eac3ef37abc25df2586e0f9f6fe1f9 /users/app/controllers
parent	389ddf51ef854c6cfa9541c717c857a8563766e4 (diff)