spec/requests/post_refresh_tokens_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

# frozen_string_literal: true

require 'rails_helper'

RSpec.describe 'POST /api/refresh_tokens', type: :request do
  let(:user) { create(:user_account) }
  let(:token) { jwt(user) }

  it 'generates a new JSON web token' do
    headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token['refresh']}" }
    post('/api/refresh_tokens', headers:)
    expect(response).to have_http_status(200)
    expect(response.body).to include_strings(%w[refresh token])
  end

  context 'with an expired token' do
    it 'returns an error message' do
      user.update_attribute(:session_key, SecureRandom.hex(16))
      service_params = { email: user.email, role: user.role, session_key: user.session_key }
      token = Services::TokenGenerationService.new(service_params).call(DateTime.current - 7.days)
      headers = { 'CONTENT_TYPE' => 'application/json', 'Authorization' => "Bearer #{token}" }
      post('/api/refresh_tokens', headers:)
      expect(response).to have_http_status(401)
      expect(response.body).to include('error_message')
    end
  end
end