-rw-r--r--app/controllers/api/refresh_tokens_controller.rb2
-rw-r--r--app/controllers/api/sessions_controller.rb2
-rw-r--r--app/controllers/api/user_accounts_controller.rb4
-rw-r--r--spec/requests/sessions_controller/post_sessions_controller_spec.rb4
-rw-r--r--spec/requests/user_accounts_controller/post_user_accounts_spec.rb8
-rw-r--r--spec/support/sessions_helper.rb2
6 files changed, 9 insertions, 13 deletions
diff --git a/app/controllers/api/refresh_tokens_controller.rb b/app/controllers/api/refresh_tokens_controller.rb
index fd16079..1f78f4d 100644
--- a/app/controllers/api/refresh_tokens_controller.rb
+++ b/app/controllers/api/refresh_tokens_controller.rb
@@ -3,8 +3,6 @@
module Api
# The controller to generate new tokens.
class RefreshTokensController < AuthenticatedController
- before_action :validate_jwt
-
def create
@current_user_account.update_attribute(:session_key, SecureRandom.hex(16))
@token = service.call(authentication_token[0]['exp'])
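Review bot: With `before_action :validate_jwt` removed from this class, `create` rotates `session_key` and reads `authentication_token[0]['exp']` relying entirely on the filters inherited from `AuthenticatedController`, which this diff does not show. Confirm the parent runs the JWT validation for every action (not skipped or `only:`-scoped), and add a request spec that posts to the refresh endpoint with a missing, an expired and a tampered token and expects 401; no such spec is part of this commit. A comment above `create`, `# JWT is validated by AuthenticatedController before this action runs`, would make the dependency explicit. The body of `create` continues outside the hunk.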
diff --git a/app/controllers/api/sessions_controller.rb b/app/controllers/api/sessions_controller.rb
index 64d5464..3d9f315 100644
--- a/app/controllers/api/sessions_controller.rb
+++ b/app/controllers/api/sessions_controller.rb
@@ -29,7 +29,7 @@ module Api
end
def permitted_params
- params.require(:credentials).permit(:email, :password)
+ params.permit(:email, :password)
end
end
end
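Review bot: `permitted_params` no longer fails fast when the credentials are absent. `params.permit(:email, :password)` returns an empty permitted set where `params.require(:credentials)` raised `ActionController::ParameterMissing`, so the login action can now receive a nil email or password. The action body is outside the hunk, so confirm it answers 401 for a missing or non-scalar value rather than raising or looking up a nil email, and add a spec that posts an empty body. The same top-level `params.permit` pattern appears in `permitted_params` of user_accounts_controller.rb, where the model validations shown in the spec appear to cover the blank case.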
diff --git a/app/controllers/api/user_accounts_controller.rb b/app/controllers/api/user_accounts_controller.rb
index 85323df..600e168 100644
--- a/app/controllers/api/user_accounts_controller.rb
+++ b/app/controllers/api/user_accounts_controller.rb
@@ -10,7 +10,7 @@ module Api
end
def create
- @user_account = UserAccount.new(permitted_params)
+ @user_account = UserAccount.new(permitted_params.merge(role: 'regular'))
render json: generate_token, status: :ok and return if @user_account.save
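Review bot: The default role is a string literal in the controller, `permitted_params.merge(role: 'regular')`, so any other code path that builds a `UserAccount` has to remember to set it as well. Consider moving the default into the model (a column or attribute default) or a named constant such as `UserAccount::DEFAULT_ROLE` (name constructed for this note), so the controller carries no role handling. The next hunk, which drops `:role` from the permit list, is what closes the mass-assignment path; a comment there, `# :role is deliberately not permitted; it is assigned server-side`, would keep it from being re-added. `create` continues outside the hunk.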
@@ -25,7 +25,7 @@ module Api
end
def permitted_params
- params.require(:user_account).permit(:role, :email, :first_name, :last_name, :password)
+ params.permit(:email, :first_name, :last_name, :password)
end
end
end
diff --git a/spec/requests/sessions_controller/post_sessions_controller_spec.rb b/spec/requests/sessions_controller/post_sessions_controller_spec.rb
index 31cef31..c67b14d 100644
--- a/spec/requests/sessions_controller/post_sessions_controller_spec.rb
+++ b/spec/requests/sessions_controller/post_sessions_controller_spec.rb
@@ -10,7 +10,7 @@ RSpec.describe 'POST /api/login', type: :request do
let(:desired_error_status) { 401 }
let(:expected_text) { %w[token refresh] }
let(:user) { create(:user_account) }
- let(:params) { { credentials: { email: user.email, password: user.password } } }
- let(:wrong_params) { { credentials: { email: user.email, password: 'wrong_password' } } }
+ let(:params) { { email: user.email, password: user.password } }
+ let(:wrong_params) { { email: user.email, password: 'wrong_password' } }
end
end
diff --git a/spec/requests/user_accounts_controller/post_user_accounts_spec.rb b/spec/requests/user_accounts_controller/post_user_accounts_spec.rb
index 7c5aacc..ba77ae5 100644
--- a/spec/requests/user_accounts_controller/post_user_accounts_spec.rb
+++ b/spec/requests/user_accounts_controller/post_user_accounts_spec.rb
@@ -7,16 +7,14 @@ RSpec.describe 'POST /api/user_accounts', type: :request do
let(:headers) { { 'CONTENT_TYPE' => 'application/json' } }
let(:route) { '/api/user_accounts' }
let(:expected_error_messages) do
- ["Password can't be blank", 'Email is invalid', "First name can't be blank", "Last name can't be blank",
- "Role can't be blank"]
+ ["Password can't be blank", 'Email is invalid', "First name can't be blank", "Last name can't be blank" ]
end
let(:desired_error_status) { 422 }
let(:expected_text) { %w[token refresh] }
let(:user) { create(:user_account) }
let(:params) do
- { user_account: JSON.parse(user.to_json).except('session_key', 'created_at', 'updated_at', 'id',
- 'password_digest').merge({ password: user.password }) }
+ { email: user.email, password: user.password, first_name: user.first_name, last_name: user.last_name}
end
- let(:wrong_params) { { user_account: { email: 'notanemail', password: '' } } }
+ let(:wrong_params) { { email: 'notanemail', password: '' } }
end
end
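Review bot: The spec no longer sends `role`, but nothing asserts that a client-supplied role is ignored, which is the security-relevant behaviour this commit introduces in the controller. Add a case whose params include a `role` other than 'regular' and check the persisted record, for example `expect(UserAccount.last.role).to eq('regular')`. Without it, a later change that re-permits `:role` would pass this suite unnoticed. The new array and hash literals on the added lines also have inconsistent inner spacing (`" ]` and `last_name}`), which RuboCop would flag.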
diff --git a/spec/support/sessions_helper.rb b/spec/support/sessions_helper.rb
index 025f47e..1508c7e 100644
--- a/spec/support/sessions_helper.rb
+++ b/spec/support/sessions_helper.rb
@@ -5,7 +5,7 @@ require 'rails_helper'
# Module to generate JWTs for use in specs.
module SessionsHelper
def jwt(user)
- user_params = { credentials: { email: user.email, password: user.password } }
+ user_params = { email: user.email, password: user.password }
post('/api/login', params: user_params)
JSON.parse(response.body)
end