From 7ad6d054d72d3c76098f689e4e7890265a3604c8 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Aug 2013 10:59:18 +0200
Subject: first steps towards enabling token based auth

---
 .../controllers/controller_extension/authentication.rb  |  4 ++++
 .../controller_extension/token_authentication.rb        | 12 ++++++++++++
 users/config/initializers/add_controller_methods.rb     |  1 +
 users/test/functional/v1/sessions_controller_test.rb    | 17 ++++++++++++++---
 4 files changed, 31 insertions(+), 3 deletions(-)
 create mode 100644 users/app/controllers/controller_extension/token_authentication.rb

(limited to 'users')

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 1b17589..dca3664 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,6 +7,10 @@ module ControllerExtension::Authentication
     helper_method :current_user, :logged_in?, :admin?
   end
 
+  def current_user
+    @current_user ||= token_authenticate || warden.user
+  end
+
   def logged_in?
     !!current_user
   end
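Review bot: `current_user` now has a response side effect. `token_authenticate` (added in token_authentication.rb in this commit) calls `authenticate_or_request_with_http_token`, which renders a 401 challenge when no valid token header is present, so for ordinary session requests the `|| warden.user` fallback is reached only after a 401 has already been rendered. Because `current_user` is exposed through `helper_method` and called by `logged_in?`, this can fire from views and filters. Keep the getter side-effect free by having `token_authenticate` use the non-challenging `authenticate_with_http_token`, and issue the 401 from an explicit filter on the API controllers. Note also that `||=` does not cache a nil result, so anonymous requests repeat the token lookup on every call; the module body continues outside the hunk.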
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
new file mode 100644
index 0000000..71dbc50
--- /dev/null
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -0,0 +1,12 @@
+module ControllerExtension::TokenAuthentication
+  extend ActiveSupport::Concern
+
+  def token_authenticate
+    token = nil
+    authenticate_or_request_with_http_token do |token, options|
+      token = Token.find(token)
+    end
+    User.find(token.user_id) if token
+  end
+end
+
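Review bot: `token_authenticate` always returns nil on Ruby 1.9 and later, because the block parameter `token` in `do |token, options|` is block-local, so `token = Token.find(token)` assigns the parameter and the outer `token = nil` is never updated. Rename the parameter so the outer variable is the one assigned: `do |token_id, _options|` with `token = Token.find(token_id)`. How `Token.find` and `User.find` signal a miss (nil or an exception) is not visible here; a stale or unknown token should leave the request unauthenticated rather than raise a 500. No expiry check on the looked-up token is visible either, so a comment stating the intended token lifetime would help.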
diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb
index 2579176..f572ecb 100644
--- a/users/config/initializers/add_controller_methods.rb
+++ b/users/config/initializers/add_controller_methods.rb
@@ -1,3 +1,4 @@
 ActiveSupport.on_load(:application_controller) do
   include ControllerExtension::Authentication
+  include ControllerExtension::TokenAuthentication
 end
diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb
index 0c4e325..8a16997 100644
--- a/users/test/functional/v1/sessions_controller_test.rb
+++ b/users/test/functional/v1/sessions_controller_test.rb
@@ -7,7 +7,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
 
   setup do
     @request.env['HTTP_HOST'] = 'api.lvh.me'
-    @user = stub_record :user
+    @user = stub_record :user, {}, true
     @client_hex = 'a123'
   end
 
@@ -48,13 +48,24 @@ class V1::SessionsControllerTest < ActionController::TestCase
     assert_response :success
     assert json_response.keys.include?("id")
     assert json_response.keys.include?("token")
+    assert token = Token.find(json_response['token'])
+    assert_equal @user.id, token.user_id
   end
 
   test "logout should reset warden user" do
     expect_warden_logout
     delete :destroy
-    assert_response :redirect
-    assert_redirected_to root_url
+    assert_response 204
+  end
+
+  test "logout should remove token" do
+    login
+    expect_warden_logout
+    skip "TODO: implement token removal"
+    assert_difference "Token.count", -1 do
+      delete :destroy
+      assert_response 204
+    end
   end
 
   def expect_warden_logout
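Review bot: The skipped "logout should remove token" test records that `destroy` does not yet delete the token, while this same commit starts accepting tokens in `current_user`. Until removal is implemented, a token issued at login would presumably remain usable after logout. Consider landing token deletion together with token authentication, or add a comment at the `skip` naming the gap, e.g. `# tokens stay valid after logout until removal is implemented`. In the create test, `assert token = Token.find(json_response['token'])` reads like a mistyped `==`; assigning first and then asserting on `token` is clearer. `expect_warden_logout` continues outside the hunk.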
-- 
cgit v1.2.3