add api_token for admin

This commit is contained in:
Tanguy PATTE 2015-12-14 17:28:36 +01:00
parent 60cb6cccf5
commit e4b54999f4
4 changed files with 51 additions and 3 deletions

View file

@ -6,4 +6,25 @@ class Administrateur < ActiveRecord::Base
has_many :gestionnaires has_many :gestionnaires
has_many :procedures has_many :procedures
before_save :ensure_api_token
def ensure_api_token
if api_token.nil?
self.api_token = generate_api_token
end
end
def renew_api_token
update_attributes(api_token: generate_api_token)
end
private
def generate_api_token
loop do
token = SecureRandom.hex(20)
break token unless Administrateur.find_by(api_token: token)
end
end
end end

View file

@ -0,0 +1,5 @@
class AddAPITokenToAdministrateur < ActiveRecord::Migration
def change
add_column :administrateurs, :api_token, :string
end
end

View file

@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20151211093833) do ActiveRecord::Schema.define(version: 20151214133426) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
@ -29,6 +29,7 @@ ActiveRecord::Schema.define(version: 20151211093833) do
t.inet "last_sign_in_ip" t.inet "last_sign_in_ip"
t.datetime "created_at" t.datetime "created_at"
t.datetime "updated_at" t.datetime "updated_at"
t.string "api_token"
end end
add_index "administrateurs", ["email"], name: "index_administrateurs_on_email", unique: true, using: :btree add_index "administrateurs", ["email"], name: "index_administrateurs_on_email", unique: true, using: :btree
@ -62,8 +63,8 @@ ActiveRecord::Schema.define(version: 20151211093833) do
t.boolean "autorisation_donnees" t.boolean "autorisation_donnees"
t.string "nom_projet" t.string "nom_projet"
t.integer "procedure_id" t.integer "procedure_id"
t.datetime "created_at", default: '2015-12-07 09:51:46' t.datetime "created_at", default: '2015-09-22 09:25:29'
t.datetime "updated_at", default: '2015-12-07 09:51:46' t.datetime "updated_at", default: '2015-09-22 09:25:29'
t.string "state" t.string "state"
t.integer "user_id" t.integer "user_id"
t.text "json_latlngs" t.text "json_latlngs"

View file

@ -14,6 +14,7 @@ describe Administrateur, type: :model do
it { is_expected.to have_db_column(:last_sign_in_ip) } it { is_expected.to have_db_column(:last_sign_in_ip) }
it { is_expected.to have_db_column(:created_at) } it { is_expected.to have_db_column(:created_at) }
it { is_expected.to have_db_column(:updated_at) } it { is_expected.to have_db_column(:updated_at) }
it { is_expected.to have_db_column(:api_token) }
end end
describe 'assocations' do describe 'assocations' do
@ -21,4 +22,24 @@ describe Administrateur, type: :model do
it { is_expected.to have_many(:procedures) } it { is_expected.to have_many(:procedures) }
end end
describe 'after_save' do
subject { described_class.new(email: 'toto@tps.com', password: 'password') }
before do
subject.save
end
it { expect(subject.api_token).not_to be_blank }
end
describe 'generate_api_token' do
let(:token) { 'bullshit' }
let(:new_token) { 'pocket_master' }
let!(:admin_1) { create(:administrateur, email: 'toto@tps.com', password: 'password', api_token: token) }
before do
allow(SecureRandom).to receive(:hex).and_return(token, new_token)
admin_1.renew_api_token
end
it 'generate a token who does not already exist' do
expect(admin_1.api_token).to eq(new_token)
end
end
end end