add api_token for admin
This commit is contained in:
Tanguy PATTE
parent
60cb6cccf5
commit
e4b54999f4
4 changed files with 51 additions and 3 deletions
|
|
@ -6,4 +6,25 @@ class Administrateur < ActiveRecord::Base
|
|||
|
||||
has_many :gestionnaires
|
||||
has_many :procedures
|
||||
|
||||
before_save :ensure_api_token
|
||||
|
||||
def ensure_api_token
|
||||
if api_token.nil?
|
||||
self.api_token = generate_api_token
|
||||
end
|
||||
end
|
||||
|
||||
def renew_api_token
|
||||
update_attributes(api_token: generate_api_token)
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def generate_api_token
|
||||
loop do
|
||||
token = SecureRandom.hex(20)
|
||||
break token unless Administrateur.find_by(api_token: token)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
class AddAPITokenToAdministrateur < ActiveRecord::Migration
|
||||
def change
|
||||
add_column :administrateurs, :api_token, :string
|
||||
end
|
||||
end
|
||||
|
|
@ -11,7 +11,7 @@
|
|||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 20151211093833) do
|
||||
ActiveRecord::Schema.define(version: 20151214133426) do
|
||||
|
||||
# These are extensions that must be enabled in order to support this database
|
||||
enable_extension "plpgsql"
|
||||
|
|
@ -29,6 +29,7 @@ ActiveRecord::Schema.define(version: 20151211093833) do
|
|||
t.inet "last_sign_in_ip"
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.string "api_token"
|
||||
end
|
||||
|
||||
add_index "administrateurs", ["email"], name: "index_administrateurs_on_email", unique: true, using: :btree
|
||||
|
|
@ -62,8 +63,8 @@ ActiveRecord::Schema.define(version: 20151211093833) do
|
|||
t.boolean "autorisation_donnees"
|
||||
t.string "nom_projet"
|
||||
t.integer "procedure_id"
|
||||
t.datetime "created_at", default: '2015-12-07 09:51:46'
|
||||
t.datetime "updated_at", default: '2015-12-07 09:51:46'
|
||||
t.datetime "created_at", default: '2015-09-22 09:25:29'
|
||||
t.datetime "updated_at", default: '2015-09-22 09:25:29'
|
||||
t.string "state"
|
||||
t.integer "user_id"
|
||||
t.text "json_latlngs"
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ describe Administrateur, type: :model do
|
|||
it { is_expected.to have_db_column(:last_sign_in_ip) }
|
||||
it { is_expected.to have_db_column(:created_at) }
|
||||
it { is_expected.to have_db_column(:updated_at) }
|
||||
it { is_expected.to have_db_column(:api_token) }
|
||||
end
|
||||
|
||||
describe 'assocations' do
|
||||
|
|
@ -21,4 +22,24 @@ describe Administrateur, type: :model do
|
|||
it { is_expected.to have_many(:procedures) }
|
||||
end
|
||||
|
||||
describe 'after_save' do
|
||||
subject { described_class.new(email: 'toto@tps.com', password: 'password') }
|
||||
before do
|
||||
subject.save
|
||||
end
|
||||
it { expect(subject.api_token).not_to be_blank }
|
||||
end
|
||||
|
||||
describe 'generate_api_token' do
|
||||
let(:token) { 'bullshit' }
|
||||
let(:new_token) { 'pocket_master' }
|
||||
let!(:admin_1) { create(:administrateur, email: 'toto@tps.com', password: 'password', api_token: token) }
|
||||
before do
|
||||
allow(SecureRandom).to receive(:hex).and_return(token, new_token)
|
||||
admin_1.renew_api_token
|
||||
end
|
||||
it 'generate a token who does not already exist' do
|
||||
expect(admin_1.api_token).to eq(new_token)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Reference in a new issue