Add an access token authentication credential.

This allows access if you have a token associated with your user.
author: Matthew Somerville <matthew-github@dracos.co.uk> 2017-11-22 11:21:15 +0000
committer: Matthew Somerville <matthew-github@dracos.co.uk> 2017-11-29 15:53:27 +0000
commit: 32a4a1455032e954301b1d129d9c70c6bce9606d (patch)
tree: 0179df2aeec3239c5006a720fb531942a173649b /t/app/controller/auth.t
parent: 5d485f64d864b236fdfaba1c3cbf452a7331b18d (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 661f99412..8d60137a2 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -251,3 +251,28 @@ FixMyStreet::override_config {
         is $mech->uri->path, '/my', "redirected to correct page";
     };
 };
+
+subtest "check logging in with token" => sub {
+    $mech->log_out_ok;
+    $mech->not_logged_in_ok;
+
+    my $user =  FixMyStreet::App->model('DB::User')->find( { email => $test_email } );
+    # token needs to be 18 characters
+    $user->set_extra_metadata('access_token', '1234567890abcdefgh');
+    $user->update();
+
+    $mech->add_header('Authorization', 'Bearer 1234567890abcdefgh');
+    $mech->logged_in_ok;
+
+    $mech->delete_header('Authorization');
+    $mech->not_logged_in_ok;
+
+    $mech->get_ok('/auth/check_auth?access_token=1234567890abcdefgh');
+
+    $mech->add_header('Authorization', 'Bearer 1234567890abcdefgh');
+    $user->set_extra_metadata('access_token', 'XXXXXXXXXXXXXXXXXX');
+    $user->update();
+    $mech->not_logged_in_ok;
+
+    $mech->delete_header('Authorization');
+};
author	Matthew Somerville <matthew-github@dracos.co.uk>	2017-11-22 11:21:15 +0000
committer	Matthew Somerville <matthew-github@dracos.co.uk>	2017-11-29 15:53:27 +0000
commit	32a4a1455032e954301b1d129d9c70c6bce9606d (patch)
tree	0179df2aeec3239c5006a720fb531942a173649b /t/app/controller/auth.t
parent	5d485f64d864b236fdfaba1c3cbf452a7331b18d (diff)