Lor*_*lor 8 rspec ruby-on-rails rspec-rails
我有一个只有Rails 5 API的应用程序,并使用knock进行JWT身份验证.
完成模型和模型规范后,我开始执行请求规范.
但我不知道如何以正确的方式完成请求规范内的身份验证,
我的用户控制器,
module V1
class UsersController < ApplicationController
before_action :authenticate_user, except: [:create]
end
end
应用控制器,
class ApplicationController < ActionController::API
include Knock::Authenticable
include ActionController::Serialization
end
我最愚蠢的解决方案(在休息请求之前调用get令牌请求获取JWT),
context 'when the request contains an authentication header' do
it 'should return the user info' do
user = create(:user)
post '/user_token', params: {"auth": {"email": user.email, "password": user.password }}
body = response.body
puts body # {"jwt":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0ODgxMDgxMDYsInN1YiI6MX0.GDBHPzbivclJfwSTswXhDkV0TCFCybJFDrjBnLIfN3Q"}
# use the retrieved JWT for future requests
end
end
任何建议表示赞赏.
def authenticated_header(user)
token = Knock::AuthToken.new(payload: { sub: user.id }).token
{ 'Authorization': "Bearer #{token}" }
end
describe 'GET /users?me=true' do
URL = '/v1/users?me=true'
AUTH_URL = '/user_token'
context 'when the request with NO authentication header' do
it 'should return unauth for retrieve current user info before login' do
get URL
expect(response).to have_http_status(:unauthorized)
end
end
context 'when the request contains an authentication header' do
it 'should return the user info' do
user = create(:user)
get URL, headers: authenticated_header(user)
puts response.body
end
end
end
在 Lorem 的回答的帮助下,我能够为我的请求规范实现类似的东西。在这里分享它以供其他人查看替代实现。
# spec/requests/locations_spec.rb
require 'rails_helper'
RSpec.describe 'Locations API' do
let!(:user) { create(:user) }
let!(:locations) { create_list(:location, 10, user_id: user.id) }
describe 'GET /locations' do
it 'reponds with invalid request without JWT' do
get '/locations'
expect(response).to have_http_status(401)
expect(response.body).to match(/Invalid Request/)
end
it 'responds with JSON with JWT' do
jwt = confirm_and_login_user(user)
get '/locations', headers: { "Authorization" => "Bearer #{jwt}" }
expect(response).to have_http_status(200)
expect(json.size).to eq(10)
end
end
end
confirm_and_login_user(user)在 request_spec_helper 中定义,它作为模块包含在rails_helper.rb:
# spec/support/request_spec_helper.rb
module RequestSpecHelper
def json
JSON.parse(response.body)
end
def confirm_and_login_user(user)
get '/users/confirm', params: {token: user.confirmation_token}
post '/users/login', params: {email: user.email, password: 'password'}
return json['auth_token']
end
end
我正在使用 jwt gem 生成令牌,如本 SitePoint 教程 ( https://www.sitepoint.com/introduction-to-using-jwt-in-rails/ )中所述
| 归档时间: |
|
| 查看次数: |
4660 次 |
| 最近记录: |