From e072ac2fa8bc93ed782df1ff95130f4794f9640f Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Mon, 28 Mar 2016 15:55:19 -0700
Subject: api: added allow ability to limit what IPs can access api using a
 static configured auth token.

---
 test/support/auth_test_helper.rb | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'test/support/auth_test_helper.rb')

diff --git a/test/support/auth_test_helper.rb b/test/support/auth_test_helper.rb
index 7af3341..acc6076 100644
--- a/test/support/auth_test_helper.rb
+++ b/test/support/auth_test_helper.rb
@@ -29,6 +29,21 @@ module AuthTestHelper
     @token.expects(:destroy) if @token
   end
 
+  # authenticate as the api monitor
+  def monitor_auth(&block)
+    token_auth(APP_CONFIG['api_tokens']['monitor'], &block)
+  end
+
+  # authenticate with a token
+  def token_auth(token_str)
+    original = request.env['HTTP_AUTHORIZATION']
+    request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Token.encode_credentials(token_str)
+    if block_given?
+      yield
+      request.env['HTTP_AUTHORIZATION'] = original
+    end
+  end
+
   protected
 
   def header_for_token_auth
-- 
cgit v1.2.3