diff options
Diffstat (limited to 'spec/requests/post_refresh_tokens_spec.rb')
-rw-r--r-- | spec/requests/post_refresh_tokens_spec.rb | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/spec/requests/post_refresh_tokens_spec.rb b/spec/requests/post_refresh_tokens_spec.rb new file mode 100644 index 0000000..836e340 --- /dev/null +++ b/spec/requests/post_refresh_tokens_spec.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'POST /api/refresh_tokens', type: :request do + let(:user) { create(:user_account) } + let(:token) { jwt(user) } + + it 'generates a new JSON web token' do + headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token['refresh']}" } + post('/api/refresh_tokens', headers:) + expect(response).to have_http_status(200) + expect(response.body).to include_strings(%w[refresh token]) + end + + context 'with an expired token' do + it 'returns an error message' do + user.update_attribute(:session_key, SecureRandom.hex(16)) + service_params = { email: user.email, role: user.role, session_key: user.session_key } + token = Services::TokenGenerationService.new(service_params).call(DateTime.current - 7.days) + headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token}" } + post('/api/refresh_tokens', headers:) + expect(response).to have_http_status(401) + expect(response.body).to include('error_message') + end + end +end |