[Git][noosfero/noosfero][master] 3 commits: Share session between grape and rails
Leandro Nunes
gitlab at mg.gitlab.com
Mon Jul 31 17:54:15 BRT 2017
Leandro Nunes pushed to branch master at Noosfero / noosfero
Commits:
edcd88ea by Victor Costa at 2017-07-31T11:03:41-03:00
Share session between grape and rails
- - - - -
c343ec8b by Victor Costa at 2017-07-31T14:30:58-03:00
Fix unstable test of events controller
- - - - -
c47fd6bc by Leandro Nunes at 2017-07-31T20:54:04+00:00
Merge branch 'login-api' into 'master'
Share session between grape and rails
See merge request !1291
- - - - -
4 changed files:
- app/api/helpers.rb
- app/concerns/authenticated_system.rb
- test/api/helpers_test.rb
- test/functional/events_controller_test.rb
Changes:
=====================================
app/api/helpers.rb
=====================================
--- a/app/api/helpers.rb
+++ b/app/api/helpers.rb
@@ -22,10 +22,15 @@ module Api
plugins
end
+ def session
+ Session.find_by(session_id: cookies[:_noosfero_session])
+ end
+
def current_user
private_token = (params[PRIVATE_TOKEN_PARAM] || headers['Private-Token']).to_s
@current_user ||= User.find_by private_token: private_token
@current_user ||= plugins.dispatch("api_custom_login", request).first
+ @current_user = session.user if @current_user.blank? && session.present?
@current_user
end
=====================================
app/concerns/authenticated_system.rb
=====================================
--- a/app/concerns/authenticated_system.rb
+++ b/app/concerns/authenticated_system.rb
@@ -9,6 +9,7 @@ module AuthenticatedSystem
around_filter :user_set_current
before_filter :override_user
before_filter :login_from_cookie
+ before_filter :login_from_private_token
end
# Inclusion hook to make #current_user and #logged_in?
@@ -158,6 +159,12 @@ module AuthenticatedSystem
self.current_user = user if user and user.remember_token?
end
+ def login_from_private_token
+ return if cookies['_noosfero_api_session'].blank? or logged_in?
+ user = User.where(private_token: cookies['_noosfero_api_session']).first
+ self.current_user = user if user
+ end
+
private
@@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
# gets BASIC auth info
=====================================
test/api/helpers_test.rb
=====================================
--- a/test/api/helpers_test.rb
+++ b/test/api/helpers_test.rb
@@ -275,6 +275,14 @@ class Api::HelpersTest < ActiveSupport::TestCase
assert_equal expected, hash.first[:errors][:identifier]
end
+ should 'get the current user from rails session' do
+ user = create_user
+ session = create(Session, session_id: 'some_id', data: { 'user' => user.id })
+ stubs(:request)
+ stubs(:cookies).returns({_noosfero_session: session.session_id})
+ assert_equal user, current_user
+ end
+
protected
def error!(info, status)
=====================================
test/functional/events_controller_test.rb
=====================================
--- a/test/functional/events_controller_test.rb
+++ b/test/functional/events_controller_test.rb
@@ -47,7 +47,7 @@ class EventsControllerTest < ActionController::TestCase
end
should "show events for current month only" do
- profile.events << Event.create(:name => 'Maria Birthday', :start_date => DateTime.now.at_end_of_month - 1)
+ profile.events << Event.create(:name => 'Maria Birthday', :start_date => DateTime.now.in_time_zone.at_end_of_month - 1)
profile.events << Event.create(:name => 'Joao Birthday', :start_date => DateTime.now + 31)
get :events, :profile => profile.identifier
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/d7055b81653377276a7872678935087f1997f436...c47fd6bc219d2d6ca078b43ee5d29b6c6fd8add1
---
View it on GitLab: https://gitlab.com/noosfero/noosfero/compare/d7055b81653377276a7872678935087f1997f436...c47fd6bc219d2d6ca078b43ee5d29b6c6fd8add1
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20170731/01cdb1f1/attachment-0001.html>
More information about the Noosfero-dev
mailing list