From 653f92e6ac5c0b61e8113665735d929426deb714 Mon Sep 17 00:00:00 2001 From: Azul Date: Thu, 20 Apr 2017 15:59:18 +0200 Subject: fix: set token in forms correctly We now use the hash of the token for comparison and as the id. In order to use it you need the original token though. So forms and thus the session should have token.to_s rather than token.id. --- app/controllers/api/sessions_controller.rb | 2 +- test/integration/browser/account_livecycle_test.rb | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/app/controllers/api/sessions_controller.rb b/app/controllers/api/sessions_controller.rb index 178f86e..3883115 100644 --- a/app/controllers/api/sessions_controller.rb +++ b/app/controllers/api/sessions_controller.rb @@ -25,7 +25,7 @@ module Api def update authenticate! @token = Token.create(:user_id => current_user.id) - session[:token] = @token.id + session[:token] = @token.to_s render :json => login_response end diff --git a/test/integration/browser/account_livecycle_test.rb b/test/integration/browser/account_livecycle_test.rb index 3d23363..694ff9c 100644 --- a/test/integration/browser/account_livecycle_test.rb +++ b/test/integration/browser/account_livecycle_test.rb @@ -92,7 +92,7 @@ class AccountLivecycleTest < BrowserIntegrationTest test "change pgp key" do with_config user_actions: ['change_pgp_key'] do pgp_key = FactoryGirl.build :pgp_key - login + username, _password = submit_signup click_on "Account Settings" within('#update_pgp_key') do fill_in 'Public key', with: pgp_key @@ -102,8 +102,7 @@ class AccountLivecycleTest < BrowserIntegrationTest # at some point we're done: page.assert_no_selector 'input[value="Saving..."]' assert page.has_field? 'Public key', with: pgp_key.to_s - @user.reload - assert_equal pgp_key, @user.public_key + assert_equal pgp_key, User.find_by_login(username).public_key end end -- cgit v1.2.3