json_voorhees 0.4.8 → 0.4.9
- checksums.yaml +4 -4
- data/lib/generators/json_voorhees/app_make_user/templates/user/specs/request_specs.rb +38 -10
- data/lib/generators/json_voorhees/app_make_user/templates/user/specs/route_specs.rb +7 -0
- data/lib/generators/json_voorhees/app_make_user/templates/user/user_controller.rb +23 -4
- data/lib/generators/json_voorhees/app_make_user/templates/user/user_routes.rb +2 -0
- data/lib/generators/json_voorhees/setup_app/templates/api_controller_with_arcadex.rb +16 -8
- data/lib/json_voorhees/version.rb +1 -1
- metadata +1 -1
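--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 62e3de527de847411513b2544485a74289875b71
+data.tar.gz: c732997e8017ebabb075519a3638d12ff5e02c37
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5254c78efd1c3f675a86a73fb60b1043d28f097d690b5fa3d54a862cd4475e39f17499afffe89d41de5627c9fa53df1960426fb9fd8f2a280ed3c1a477e47e14
+data.tar.gz: 1e8ec6c058e6781e8a4f66fbffdbdf58427765a1627efc824848263e412cc799c79c912264360c33540a7a7db8ea3cbd851d48a829f7d2764eba384dea0125da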
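--- a/data/lib/generators/json_voorhees/app_make_user/templates/user/specs/request_specs.rb
+++ b/data/lib/generators/json_voorhees/app_make_user/templates/user/specs/request_specs.rb
@@ -84,14 +84,7 @@ RSpec.describe ::People::V1::User, :type => :request do
 token = ::People::V1::User.find(1).tokens[0]
 expect(json["token"]["auth_token"]).to eq(token.auth_token)
 end
-
-end
-RSpec.describe ::People::V1::User, :type => :request do
-describe "Login" do
-before(:example) do
-@attrs = FactoryGirl.attributes_for(:people_user_1)
-end
-# post /api/1/users/login
+# post /api/1/users/register
 it "checks response of a register request with mismatched passwords" do
 @attrs["password"] = "password1"
 @attrs["password_confirmation"] = "password2"
@@ -101,6 +94,13 @@ RSpec.describe ::People::V1::User, :type => :request do
 #Errors need to be returned
 expect(json["errors"]).to_not eq(nil)
 end
+end
+end
+RSpec.describe ::People::V1::User, :type => :request do
+describe "Login" do
+before(:example) do
+@attrs = FactoryGirl.attributes_for(:people_user_1)
+end
 # post /api/1/users/login
 it "checks response of a valid login request" do
 @attrs["password"] = "password123"
@@ -108,7 +108,8 @@ RSpec.describe ::People::V1::User, :type => :request do
 user = FactoryGirl.create(:people_user_1,@attrs)
 old_auth_token = user.tokens[0].auth_token
 #It needs to send an email and password
-
+hash = {"user" => @attrs}
+post 'api/1/users/login', hash
 expect(response.status).to eq(200) #ok
 #A valid and new token need to be returned
 expect(json["token"]["auth_token"]).to_not eq(old_auth_token)
@@ -123,8 +124,9 @@ RSpec.describe ::People::V1::User, :type => :request do
 user = FactoryGirl.create(:people_user_1,@attrs)
 #The password needs to be invalid
 @attrs["password"] = "wrongPassword"
+hash = {"user" => @attrs}
 #It needs to send an email and password
-post 'api/1/users/login',
+post 'api/1/users/login', hash
 expect(response.status).to eq(401) #unauthorized
 #Errors need to be returned
 expect(json["errors"]).to_not eq(nil)
@@ -148,6 +150,32 @@ RSpec.describe ::People::V1::User, :type => :request do
 end
 end
 end
+RSpec.describe ::People::V1::User, :type => :request do
+describe "Authenticate" do
+before(:example) do
+@attrs = FactoryGirl.attributes_for(:people_user_1)
+end
+# post /api/1/users/authenticate
+it "checks a valid authenticate request" do
+user = FactoryGirl.create(:people_user_1,@attrs)
+token = user.tokens[0].auth_token
+header = {"Auth-Token" => token, "Email" => user.email}
+hash = {"user" => @attrs}
+post "api/1/users/authenticate/#{user.id}", hash, header
+expect(response.status).to eq(200) #ok
+end
+# post /api/1/users/authenticate
+it "checks an invalid authenticate request" do
+user = FactoryGirl.create(:people_user_1,@attrs)
+token = user.tokens[0].auth_token
+header = {"Auth-Token" => token, "Email" => user.email}
+@attrs["password"] = "false_password"
+hash = {"user" => @attrs}
+post "api/1/users/authenticate/#{user.id}", hash, header
+expect(response.status).to eq(401) #unauthorized
+end
+end
+end
 #-#-#-#-#Serialization#-#-#-#-#
 RSpec.describe ::People::V1::User, :type => :request do
 describe "Serialization" do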
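Review bot: The new "checks an invalid authenticate request" example asserts only the 401 status, while the invalid-login example in this same file also checks the error payload; adding `expect(json["errors"]).to_not eq(nil)` after the status assertion would pin the body that clients see. Both new examples send a valid `Auth-Token` for the same user that the URL names, so nothing here covers a missing or stale token, or a token that belongs to a different user than `:id`, and those are the regressions an authentication endpoint most needs a spec for. The comment `# post /api/1/users/authenticate` above each example also omits the `/:id` segment the request actually uses.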
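--- a/data/lib/generators/json_voorhees/app_make_user/templates/user/specs/route_specs.rb
+++ b/data/lib/generators/json_voorhees/app_make_user/templates/user/specs/route_specs.rb
@@ -22,6 +22,13 @@ RSpec.describe "Users sign up process routing", :type => :routing do
 :action => "logout"
 )
 end
+it "routes to authenticate" do
+expect(:post => "/api/1/users/authenticate/1").to route_to(
+:controller => "people/api/v1/users",
+:action => "authenticate",
+:id => "1"
+)
+end
 end
 <% end %>
 #The standard rest routes for the user controller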
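--- a/data/lib/generators/json_voorhees/app_make_user/templates/user/user_controller.rb
+++ b/data/lib/generators/json_voorhees/app_make_user/templates/user/user_controller.rb
@@ -6,7 +6,7 @@ module People
 <% if options.arcadex? %>
 skip_before_filter :authenticate_user, :only => [:register, :login]
 <% end %>
-before_action :set_user, only: [:show, :edit, :update]
+before_action :set_user, only: [:show, :edit, :update, :authenticate]
 before_action :register_authorize, only: [:register]
 before_action :login_authorize, only: [:login]
 before_action :logout_authorize, only: [:logout]
@@ -37,7 +37,7 @@ module People
 #Should I delete the current token or ignore it?
 #Find user from email and password. Create and return a new token
 user = ::People::V1::User.find_by(email: get_email)
-if user && user.authenticate(params[:password])
+if user && user.authenticate(params[:user][:password])
 token = user.tokens.create
 ::Arcadex::Create.set_token(token,360,request)
 userHash = {id: user.id, username: user.username, email: user.email}
@@ -57,6 +57,14 @@ module People
 end
 <% end %>
 
+# POST /api/1/users/authenticate
+def authenticate
+if authenticate_password
+return
+end
+render json: {}
+end
+
 # GET /api/1/users
 def index
 @users = ::People::V1::User.all
@@ -70,6 +78,9 @@ module People
 
 # PATCH/PUT /api/1/users/1
 def update
+if authenticate_password
+return
+end
 if @user.update(user_params)
 render json: @user
 else
@@ -80,9 +91,17 @@ module People
 private
 # Use callbacks to share common setup or constraints between actions.
 
+def authenticate_password
+if !@user.authenticate(params[:user][:password])
+render :json => {errors: "Email and/or Password is incorrect"}, status: :unauthorized
+return true
+end
+return false
+end
+
 def get_email
-if !params[:email].nil?
-return params[:email].downcase
+if !params[:user][:email].nil?
+return params[:user][:email].downcase
 else
 return nil
 end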
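Review bot: `authenticate_password` reads `params[:user][:password]` without checking that `params[:user]` is present, so a request body with no `user` object raises on the nil lookup and would normally surface as a 500 rather than the 401 the helper is meant to produce; the same unguarded lookup is introduced in `login` and in `get_email`. A guard such as `password = params[:user] && params[:user][:password]` before the `authenticate` call keeps malformed requests on the 401 path. The helper also returns `true` when the password is wrong, which reads inverted at the call sites (`if authenticate_password` followed by `return`), so a comment stating that convention or a name such as `reject_bad_password` would stop a later caller from flipping the check. `set_user` is not visible in these hunks, but if it loads the record from `:id`, then `authenticate` and `update` verify the password of whichever user the URL names, and it is worth confirming that an existing filter ties `:id` to the owner of the token.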
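--- a/data/lib/generators/json_voorhees/setup_app/templates/api_controller_with_arcadex.rb
+++ b/data/lib/generators/json_voorhees/setup_app/templates/api_controller_with_arcadex.rb
@@ -11,23 +11,31 @@ class Api::V1::ApiController < ::ActionController::API
 private
 
 def authenticate_user
-
-@instance_hash = ::Arcadex::Authentication.full_authentication(params,request,false)
+set_hash
 if @instance_hash.nil?
 render :json => {errors: "User is not logged in, register or log in"} , status: :unauthorized
 end
 end
 
+def set_hash
+#["current_user","current_token"] Make this true to check for email also
+@instance_hash = ::Arcadex::Authentication.full_authentication(params,request,false)
+end
+
 def current_user
-
-
-
+if !@instance_hash.nil?
+return @instance_hash["current_user"]
+else
+return nil
+end
 end
 
 def current_token
-
-
-
+if !@instance_hash.nil?
+return @instance_hash["current_token"]
+else
+return nil
+end
 end
 
 def cors_set_access_control_headers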
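Review bot: `current_user` and `current_token` now depend on `@instance_hash` having been filled by `set_hash`, which in this hunk is called only from `authenticate_user`, so on any action that skips that filter both return nil without explanation, and that contract is not written down. I would replace the comment on `set_hash` with something like `# Fills @instance_hash with "current_user" and "current_token"; it stays nil when the request is not authenticated.` and add a second line explaining the last argument, since the existing comment says only that passing `true` also checks the email. If that reading is right, `false` means the token alone identifies the caller, and the template should say so explicitly so the choice is deliberate in generated apps. The class body starts before and continues after this hunk.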