Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,9 @@ | ||
module API | ||
class BaseController < ActionController::Base | ||
skip_before_action :verify_authenticity_token | ||
class Api::BaseController < ActionController::Base | ||
dalpo
Member
|
||
skip_before_action :verify_authenticity_token | ||
|
||
private | ||
private | ||
|
||
def unauthorized(reason) | ||
render json: {error: reason} | ||
end | ||
def unauthorized(reason) | ||
render status: :unauthorized, json: { error: reason } | ||
end | ||
end |
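Review bot: `skip_before_action :verify_authenticity_token` stays on a controller that still inherits from `ActionController::Base`, so any API action that ends up authenticated by the browser session cookie would have no CSRF protection. If the API is meant to be token-only, `protect_from_forgery with: :null_session` keeps that guarantee by emptying the session on requests without a valid authenticity token, instead of skipping the check altogether. Either way, a comment above the line such as `# API clients authenticate with a token, never with the session cookie` would record the assumption the skip depends on.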
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
class Api::SessionsController < Api::BaseController | ||
def create | ||
bugant
Member
|
||
begin | ||
client = Octokit::Client.new(access_token: params[:access_token]) | ||
github_uid = client.user.try(:[], 'id') | ||
user = User.find_by_auth_provider(provider: 'github', uid: github_uid) | ||
|
||
if user.nil? | ||
# TODO: create a new user | ||
raise StandardError('TODO: create a new user') | ||
end | ||
|
||
tomatoes_auth = user.authorizations.where(provider: 'tomatoes').first_or_initialize | ||
tomatoes_auth.refresh_token unless tomatoes_auth.token | ||
bugant
Member
|
||
tomatoes_auth.save! | ||
|
||
render json: { token: tomatoes_auth.token } | ||
rescue => err | ||
Rails.logger.error("Cannot log user in using GitHub: #{err}") | ||
unauthorized('authentication failed') | ||
end | ||
end | ||
end |
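Review bot: `create` accepts any GitHub access token for which `client.user` answers as proof of identity, and nothing visible in this section checks that the token was issued to this application. A token the user granted to some other OAuth app would therefore also be exchanged for a tomatoes token. Before the `find_by_auth_provider` lookup, validate the token against this application's own OAuth client id (GitHub exposes a token-check call for that) and return `unauthorized('authentication failed')` when it does not belong to it. Separately, `raise StandardError('TODO: create a new user')` calls an undefined method and only ends in a 401 because the resulting NoMethodError is rescued; write `raise StandardError, 'TODO: create a new user'` so the log line says what actually happened.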
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -53,12 +53,17 @@ class User | |
index('authorizations.provider' => 1) | ||
|
||
def self.find_by_omniauth(auth) | ||
find_by_auth_provider(provider: auth['provider'].to_s, uid: auth['uid'].to_s) | ||
end | ||
|
||
def self.find_by_auth_provider(provider:, uid:) | ||
any_of( | ||
{ authorizations: { | ||
'$elemMatch' => { | ||
provider: auth['provider'].to_s, | ||
uid: auth['uid'].to_s } } }, | ||
provider: auth['provider'], uid: auth['uid'] | ||
{ | ||
authorizations: { | ||
'$elemMatch' => { provider: provider, uid: uid } | ||
bugant
Member
|
||
} | ||
}, | ||
provider: provider, uid: uid | ||
).first | ||
end | ||
|
||
|
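Review bot: `find_by_auth_provider` passes `uid` into both query branches exactly as given, so a nil `uid` becomes a `uid: nil` condition, which in MongoDB also matches records that have no `uid` field at all. Guard at the top of the method, e.g. `return nil if provider.blank? || uid.blank?`, so no caller can match a user on a missing identifier. The string coercion now lives only in `find_by_omniauth`; a caller that passes a numeric provider id (as a GitHub API response presumably does) may not match a uid stored as a string, so consider `uid = uid.to_s` inside the finder instead.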
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
require 'test_helper' | ||
|
||
class Api::SessionsControllerTest < ActionController::TestCase | ||
setup do | ||
@github_user = User.create!( | ||
name: 'name', | ||
email: '[email protected]' | ||
) | ||
@github_user.authorizations.create!( | ||
provider: 'github', | ||
uid: 'github_user_id' | ||
) | ||
|
||
@github_user_with_api_auth = User.create!( | ||
name: 'name', | ||
email: '[email protected]' | ||
) | ||
@github_user_with_api_auth.authorizations.create!( | ||
provider: 'github', | ||
uid: 'github_user_with_api_auth_id' | ||
) | ||
@github_user_with_api_auth.authorizations.create!( | ||
provider: 'tomatoes', | ||
token: 'tomatoes_token' | ||
) | ||
end | ||
|
||
teardown do | ||
@github_user.destroy | ||
@github_user_with_api_auth.destroy | ||
end | ||
|
||
test 'given a github access token it should create a new session' do | ||
github_client = Octokit::Client.new | ||
github_client.expects(:user).returns('id' => 'github_user_id') | ||
Octokit::Client.expects(:new).with(access_token: 'github_access_token').returns(github_client) | ||
|
||
assert_difference('@github_user.reload.authorizations.count') do | ||
post :create, provider: 'github', access_token: 'github_access_token' | ||
end | ||
assert_response :success | ||
assert_equal 'application/json', @response.content_type | ||
assert JSON.parse(@response.body).has_key?('token') | ||
end | ||
|
||
test 'given a github access token it should return an existing session' do | ||
github_client = Octokit::Client.new | ||
github_client.expects(:user).returns('id' => 'github_user_with_api_auth_id') | ||
Octokit::Client.expects(:new).with(access_token: 'github_access_token').returns(github_client) | ||
|
||
assert_no_difference('@github_user_with_api_auth.reload.authorizations.count') do | ||
post :create, provider: 'github', access_token: 'github_access_token' | ||
end | ||
assert_response :success | ||
assert_equal 'application/json', @response.content_type | ||
assert_equal({ token: 'tomatoes_token' }.to_json, @response.body) | ||
end | ||
end |
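Review bot: Both tests cover only the success path; nothing asserts that a rejected token or an unknown GitHub user gets a 401 with no `token` key in the body, which is the security-relevant behaviour of this endpoint. Add a case where `github_client.expects(:user)` raises `Octokit::Unauthorized`, and one where it returns an id with no matching user, each ending in `assert_response :unauthorized`. The stubs also return string ids (`'id' => 'github_user_id'`), while the real API presumably returns a numeric id, so a fixture with an integer id would show whether the lookup still matches.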
Why are you removing the `module` declaration?