Merge 7ac881a into fc0e05c

blackcandy-org · Sep 22, 2023 · 9db8c1e · 9db8c1e
2 parents fc0e05c + 7ac881a
commit 9db8c1e
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 7 deletions.
diff --git a/app/controllers/api/v1/api_controller.rb b/app/controllers/api/v1/api_controller.rb
@@ -6,7 +6,6 @@ class ApiController < ApplicationController
       skip_before_action :verify_authenticity_token
 
       rescue_from ActiveRecord::RecordNotUnique do
-        # render json: {type: "RecordNotUnique", message: t("error.already_in_playlist")}, status: :bad_request
         render json: ApiError.new(:record_not_unique, t("error.already_in_playlist")), status: :bad_request
       end
 

diff --git a/app/controllers/api/v1/authentications_controller.rb b/app/controllers/api/v1/authentications_controller.rb
@@ -10,19 +10,24 @@ def create
         session = UserSession.new(session_params.merge({remember_me: true}).to_h)
 
         if params[:with_session]
-          return head :unauthorized unless session.save
+          render_unauthorized and return unless session.save
         else
-          return head :unauthorized unless session.valid?
+          render_unauthorized and return unless session.valid?
         end
 
         @current_user = User.find_by(email: session_params[:email])
-        return head :unauthorized unless @current_user.present?
+
+        render_unauthorized and return unless @current_user.present?
 
         @current_user.regenerate_api_token if @current_user.api_token.blank?
       end
 
       private
 
+      def render_unauthorized
+        render(json: ApiError.new(:invalid_credential, t("error.login")), status: :unauthorized)
+      end
+
       def session_params
         params.require(:user_session).permit(:email, :password)
       end

diff --git a/app/models/api_error.rb b/app/models/api_error.rb
@@ -2,7 +2,8 @@
 
 class ApiError
   TYPES = {
-    record_not_unique: "RecordNotUnique"
+    record_not_unique: "RecordNotUnique",
+    invalid_credential: "InvalidCredential"
   }
 
   attr_reader :type, :message

diff --git a/test/controllers/api/v1/authentications_controller_test.rb b/test/controllers/api/v1/authentications_controller_test.rb
@@ -54,7 +54,6 @@ class Api::V1::AuthenticationsControllerTest < ActionDispatch::IntegrationTest
 
     assert_response :unauthorized
     assert_nil session[:user_credentials]
-    assert_empty @response.body
   end
 
   test "should not create authentication and session with wrong credential" do
@@ -68,6 +67,20 @@ class Api::V1::AuthenticationsControllerTest < ActionDispatch::IntegrationTest
 
     assert_response :unauthorized
     assert_nil session[:user_credentials]
-    assert_empty @response.body
+  end
+
+  test "should get error message with wrong credential" do
+    post api_v1_authentication_url, as: :json, params: {
+      user_session: {
+        email: "fake@email.com",
+        password: "fake"
+      }
+    }
+
+    response = @response.parsed_body
+
+    assert_response :unauthorized
+    assert_equal "InvalidCredential", response["type"]
+    assert_not_empty response["message"]
   end
 end