标签: guardian

我已经在我的应用程序中验证了路由，现在我开始使用控制器测试这些端点。但我首先需要授权我的请求，然后才能测试 API 端点。这是我的测试：

  setup %{conn: conn} do
    {:ok, conn: put_req_header(conn, "accept", "application/json")}
  end

  test "creates and renders resource when data is valid", %{conn: conn} do
    conn = post(conn, league_path(conn, :create), league: @valid_attrs)
    body = json_response(conn, 201)
    assert body["name"]
    assert Repo.get_by(League, name: "Obama's League")
  end 

当我尝试运行该测试时，出现以下错误：

expected response with status 201, got: 401, with body:
 {"errors":["Unauthenticated"]}

路由器：

pipeline :authenticated do
  plug(Guardian.Plug.EnsureAuthenticated)
end

scope "/api/v1", Statcasters do
  pipe_through([:api, :authenticated])

  resources("/users", UserController, except: [:create])
  resources("/leagues", LeagueController, only: [:create])
end

所以我试图create在我的 LeagueController …

我的混合文件包含

{:guardian, "~> 1.0"},
{:guardian_db, "~> 1.1"},

和配置包含

config :my_app, MyApp.Guardian,
   issuer: "my_app",
   ttl: {30, :days},
   allowed_drift: 2000,
   verify_issuer: true,

  #  mix guardian.gen.secret (to get a key for dev and prod envs)
   secret_key: "yKwVGXFyH6nbiE+ELRMLYjCDC3QughF02LN+xPlB7z2loDKeNuBJ6RIUdTMBul23"

config :guardian, Guardian.DB,
   repo: Qserv.BaseRepo,
   schema_name: "sessions", # default
   token_types: ["refresh_token"], # store all token types if not set
   sweep_interval: 60

我的应用程序有这条线

worker(Guardian.DB.Token.SweeperServer, []),

和我的会话表迁移

defmodule MyApp.Repo.Migrations.CreateTable.Auth.Sessions do
  use Ecto.Migration

  @table :sessions

  def change do
    create table(@table, primary_key: false) do
      add :jti, :string, primary_key: …

在使用 Guardian 验证针对 JWT 令牌的 GET 请求后，我尝试使用 JSON 进行响应。

我的测试：

  describe "Show user if authenticated" do
    setup %{conn: conn} do
      {:ok, %User{} = user} = Riders.create_user(@create_attrs)
      {:ok, jwt, claims} = Bikefit.Guardian.encode_and_sign(user)
      IO.inspect claims
      conn = put_req_header(conn, "authorization", "Bearer #{jwt}")
      {:ok, conn: conn, user: user}
    end

    test  "and return user if token is valid", %{conn: conn, user: user} do
      email = user.email
      conn = get conn, current_user_path(conn, :current)
      response = json_response(conn, 200)
      IO.puts "---------- test response--------"
      IO.inspect response
      assert %{"email" => …