-rw-r--r-- | spec/controllers/authentications_controller_spec.rb | 1 | ||||
-rw-r--r-- | spec/controllers/refresh_tokens_controller_spec.rb | 7 | ||||
-rw-r--r-- | spec/rails_helper.rb | 1 | ||||
-rw-r--r-- | spec/requests/authentications_spec.rb | 1 | ||||
-rw-r--r-- | spec/requests/post_refresh_tokens_spec.rb | 27 | ||||
-rw-r--r-- | spec/requests/post_user_accounts_spec.rb | 1 | ||||
-rw-r--r-- | spec/support/sessions_helper.rb | 6 |
7 files changed, 40 insertions, 4 deletions
diff --git a/spec/controllers/authentications_controller_spec.rb b/spec/controllers/authentications_controller_spec.rb
index 5a36544..43e7439 100644
--- a/spec/controllers/authentications_controller_spec.rb
+++ b/spec/controllers/authentications_controller_spec.rb
@@ -5,5 +5,4 @@ require 'rails_helper'
 RSpec.describe Api::AuthenticationsController, type: :controller do
 it { should route(:post, '/api/authenticate').to(action: :create) }
 it { should route(:delete, '/api/logout').to(action: :destroy) }
- it { should route(:post, '/api/refresh_token').to(action: :refresh)}
 end
diff --git a/spec/controllers/refresh_tokens_controller_spec.rb b/spec/controllers/refresh_tokens_controller_spec.rb
new file mode 100644
index 0000000..e8f9a66
--- /dev/null
+++ b/spec/controllers/refresh_tokens_controller_spec.rb
@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Api::RefreshTokensController, type: :controller do
+ it { should route(:post, '/api/refresh_tokens').to(action: :create) }
+end
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index ea338cd..9f8c999 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -60,6 +60,7 @@ RSpec.configure do |config|
 config.filter_rails_from_backtrace!
 # arbitrary gems may also be filtered via:
 # config.filter_gems_from_backtrace("gem name")
+ config.include SessionsHelper, type: :request
 end
 Shoulda::Matchers.configure do |config|
diff --git a/spec/requests/authentications_spec.rb b/spec/requests/authentications_spec.rb
index 3b1da3e..6b33402 100644
--- a/spec/requests/authentications_spec.rb
+++ b/spec/requests/authentications_spec.rb
@@ -4,6 +4,7 @@ require 'rails_helper'
 RSpec.describe 'POST /api/authenticate', type: :request do
 it_behaves_like 'a POST request' do
+ let(:headers) { { 'CONTENT_TYPE' => 'application/json' } }
 let(:route) { '/api/authenticate' }
 let(:expected_error_messages) { ['Credenciales incorrectas'] }
 let(:desired_error_status) { 401 }
diff --git a/spec/requests/post_refresh_tokens_spec.rb b/spec/requests/post_refresh_tokens_spec.rb
new file mode 100644
index 0000000..836e340
--- /dev/null
+++ b/spec/requests/post_refresh_tokens_spec.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'POST /api/refresh_tokens', type: :request do
+ let(:user) { create(:user_account) }
+ let(:token) { jwt(user) }
+
+ it 'generates a new JSON web token' do
+ headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token['refresh']}" }
+ post('/api/refresh_tokens', headers:)
+ expect(response).to have_http_status(200)
+ expect(response.body).to include_strings(%w[refresh token])
+ end
+
+ context 'with an expired token' do
+ it 'returns an error message' do
+ user.update_attribute(:session_key, SecureRandom.hex(16))
+ service_params = { email: user.email, role: user.role, session_key: user.session_key }
+ token = Services::TokenGenerationService.new(service_params).call(DateTime.current - 7.days)
+ headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token}" }
+ post('/api/refresh_tokens', headers:)
+ expect(response).to have_http_status(401)
+ expect(response.body).to include('error_message')
+ end
+ end
+end
diff --git a/spec/requests/post_user_accounts_spec.rb b/spec/requests/post_user_accounts_spec.rb
index 4370af8..7c5aacc 100644
--- a/spec/requests/post_user_accounts_spec.rb
+++ b/spec/requests/post_user_accounts_spec.rb
@@ -4,6 +4,7 @@ require 'rails_helper'
 RSpec.describe 'POST /api/user_accounts', type: :request do
 it_behaves_like 'a POST request' do
+ let(:headers) { { 'CONTENT_TYPE' => 'application/json' } }
 let(:route) { '/api/user_accounts' }
 let(:expected_error_messages) do
 ["Password can't be blank", 'Email is invalid', "First name can't be blank", "Last name can't be blank",
diff --git a/spec/support/sessions_helper.rb b/spec/support/sessions_helper.rb
index eeb12d8..7cc4d33 100644
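Review bot: The two examples in spec/requests/post_refresh_tokens_spec.rb leave the refresh endpoint's main rejection paths untested: nothing presents the access token (`token['token']`, assuming that is the key the login response uses) where the refresh token is expected, and nothing sends a missing or malformed `Authorization` header. The 'with an expired token' example asserts only a 401 and the substring `error_message`, so it would pass just as well if the token were rejected for a reason other than expiry; what the argument to `call(DateTime.current - 7.days)` means is not visible here, so a one-line comment saying whether it is the issue or the expiry time would help. The happy path checks only that the body contains the strings `refresh` and `token`, not that the returned values differ from the ones sent. A sketch of the missing access-token case follows; the expected status is an assumption about the controller.

```ruby
  # … unchanged: let(:user), let(:token), happy-path and expired-token examples …

  context 'with an access token instead of a refresh token' do
    it 'returns an error message' do
      headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token['token']}" }
      post('/api/refresh_tokens', headers:)
      expect(response).to have_http_status(401)
      expect(response.body).to include('error_message')
    end
  end
```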
--- a/spec/support/sessions_helper.rb
+++ b/spec/support/sessions_helper.rb
@@ -6,7 +6,7 @@ require 'rails_helper'
 module SessionsHelper
 def jwt(user)
 user_params = { credentials: { email: user.email, password: user.password } }
- post('/api/authenticate', user_params.to_json)
- JSON.parse(response.body)['token']
+ post('/api/authenticate', params: user_params)
+ JSON.parse(response.body)
 end
-end
\ No newline at end of file
+end |
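Review bot: `jwt(user)` now returns the whole parsed login response instead of the token string, and it never checks that the login succeeded. A caller that still interpolates the result into a `Bearer` header, or a login that failed, would send an unusable credential and let any example that expects a 401 pass for the wrong reason; callers outside this diff are not visible, so that is worth confirming. I would fail fast inside the helper with `expect(response).to have_http_status(200)` before the `JSON.parse`, and document the return value with `# @return [Hash] parsed login response; the specs read 'token' and 'refresh' from it`. The request also drops `.to_json` and is sent without the `'CONTENT_TYPE' => 'application/json'` header that the other request specs in this commit add, so it presumably goes out form-encoded; if the API is meant to accept only JSON, `post('/api/authenticate', params: user_params, as: :json)` keeps the helper on the same path as real clients.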