Hotfix for broken auth tokens

JonathanPorta · Nov 30, 2014 · 2abf65c · 2abf65c
1 parent 56e0496
commit 2abf65c
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 3 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -14,7 +14,7 @@ def current_user
       @current_user ||= User.find(session[:user_id]) if session[:user_id]
     elsif request.headers['HTTP_ACCESS_TOKEN']
       logger.warn 'Getting user because request had an access token.'
-      @urrent_user ||= User.find_by facebook_token: request.headers['HTTP_ACCESS_TOKEN']
+      @urrent_user ||= User.find_by_access_token request.headers['HTTP_ACCESS_TOKEN']
     end
 
   rescue ActiveRecord::RecordNotFound => e

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -18,6 +18,12 @@ class User < ActiveRecord::Base
     Librato.measure 'users.count', User.count, sporadic: true
   end
 
+  def self.find_by_access_token(token)
+    # TODO: Fix this when verb authprovider gets implemented
+    auth_provider = AuthProvider.where(provider: 'facebook', token: token).first
+    auth_provider.user if auth_provider
+  end
+
   def self.from_omniauth(auth)
     auth_provider = AuthProvider.from_omniauth auth
 

diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
@@ -0,0 +1,41 @@
+require 'rails_helper'
+
+RSpec.describe ApplicationController, type: :controller do
+
+  # Anonymous controller stub, FTW!
+  controller do
+    def index
+      @current_user = current_user
+      render text: 'Just a test, bro!'
+    end
+  end
+
+  before :each do
+    @user = FactoryGirl.create :user_with_facebook_auth
+    @valid_auth_token = @user.auth_providers.first.token
+    @invalid_auth_toke = 'INVALIDAUTHTOKEN'
+  end
+
+  let(:valid_session) { { user_id: @user.id } }
+
+  describe 'Test current_user helper' do
+
+    it 'returns correct user when valid session exists' do
+      request.session[:user_id] = @user.id
+      get :index, {}
+      expect(assigns(:current_user)).to eq(@user)
+    end
+
+    it 'returns correct user when valid header token is set' do
+      request.headers['HTTP_ACCESS_TOKEN'] = @valid_auth_token
+      get :index, {}
+      expect(assigns(:current_user)).to eq(@user)
+    end
+
+    it 'returns nil when invalid header token is set' do
+      request.headers['HTTP_ACCESS_TOKEN'] = @invalid_auth_token
+      get :index, {}
+      expect(assigns(:current_user)).to eq(nil)
+    end
+  end
+end
diff --git a/spec/factories/auth_providers.rb b/spec/factories/auth_providers.rb
@@ -1,7 +1,7 @@
 FactoryGirl.define do
   factory :auth_provider do
-    user_id 1
-    provider 'MyString'
+    user
+    provider 'facebook'
     uid 'MyString'
     nickname 'MyString'
     token 'MyString'

diff --git a/spec/factories/users.rb b/spec/factories/users.rb
@@ -6,5 +6,11 @@
     first_name { Faker::Name.first_name }
     last_name { Faker::Name.last_name }
     birthday { Faker::Business.credit_card_expiry_date }
+
+    factory :user_with_facebook_auth do
+      after(:create) do |user|
+        create_list(:auth_provider, 1, user: user)
+      end
+    end
   end
 end