Merge branch 'access-token-auth'

author: Matthew Somerville <matthew-github@dracos.co.uk> 2017-11-29 20:55:47 +0000
committer: Matthew Somerville <matthew-github@dracos.co.uk> 2017-11-29 20:55:47 +0000
commit: 12653962d58df6be6ff1a753e3370ff3077030c1 (patch)
tree: 937812fe7e8ae328ec05ef0d2db409c9c0b09be8 /t/app/controller/auth.t
parent: 487198a6cd46e9824045676773990b73baac2d89 (diff)
parent: 250cbde400f03f20f1801e828a6c9da3c0881381 (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 661f99412..8d60137a2 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -251,3 +251,28 @@ FixMyStreet::override_config {
         is $mech->uri->path, '/my', "redirected to correct page";
     };
 };
+
+subtest "check logging in with token" => sub {
+    $mech->log_out_ok;
+    $mech->not_logged_in_ok;
+
+    my $user =  FixMyStreet::App->model('DB::User')->find( { email => $test_email } );
+    # token needs to be 18 characters
+    $user->set_extra_metadata('access_token', '1234567890abcdefgh');
+    $user->update();
+
+    $mech->add_header('Authorization', 'Bearer 1234567890abcdefgh');
+    $mech->logged_in_ok;
+
+    $mech->delete_header('Authorization');
+    $mech->not_logged_in_ok;
+
+    $mech->get_ok('/auth/check_auth?access_token=1234567890abcdefgh');
+
+    $mech->add_header('Authorization', 'Bearer 1234567890abcdefgh');
+    $user->set_extra_metadata('access_token', 'XXXXXXXXXXXXXXXXXX');
+    $user->update();
+    $mech->not_logged_in_ok;
+
+    $mech->delete_header('Authorization');
+};
author	Matthew Somerville <matthew-github@dracos.co.uk>	2017-11-29 20:55:47 +0000
committer	Matthew Somerville <matthew-github@dracos.co.uk>	2017-11-29 20:55:47 +0000
commit	12653962d58df6be6ff1a753e3370ff3077030c1 (patch)
tree	937812fe7e8ae328ec05ef0d2db409c9c0b09be8 /t/app/controller/auth.t
parent	487198a6cd46e9824045676773990b73baac2d89 (diff)
parent	250cbde400f03f20f1801e828a6c9da3c0881381 (diff)