Setup application logger, be able to destroy sessions

chischaschos · Feb 20, 2014 · 79892dd · 79892dd
1 parent d699699
commit 79892dd
Show file tree

Hide file tree

Showing 8 changed files with 104 additions and 8 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,3 @@
 .bundle
+log/*
+db/*
diff --git a/lib/todo.rb b/lib/todo.rb
@@ -6,4 +6,6 @@ module Todo
   autoload :Application, 'todo/application'
   autoload :Models, 'todo/models'
   autoload :Services, 'todo/services'
+  autoload :Middlewares, 'todo/middlewares'
+  autoload :MyLogger, 'todo/my_logger'
 end
diff --git a/lib/todo/application.rb b/lib/todo/application.rb
@@ -5,13 +5,19 @@ class Application < Sinatra::Base
 
     set :root, File.realpath(File.join(File.dirname(__FILE__), '..', '..'))
     set :logging, true
-    set :dump_errors, true
+    set :dump_errors, false
+    set :raise_errors, true
+    set :show_exceptions, false
+    set :logger, MyLogger.new
 
     configure do
-      DataMapper::Logger.new($stdout, :debug)
+      DataMapper::Logger.new(logger, :debug)
-      DataMapper.setup(:default, "sqlite://#{File.join(Todo::Application.root, 'todos.db')}")
+      DataMapper.setup(:default, "sqlite://#{File.join(Todo::Application.root, 'db', 'todos.db')}")
     end
 
+    use Rack::CommonLogger, settings.logger
+    use Middlewares::ExceptionHandling
+
     get '/' do
       haml :index
     end
@@ -30,7 +36,7 @@ class Application < Sinatra::Base
       end
     end
 
-    post '/api/sessions' do
+    post '/api/session' do
       content_type :json
 
       session = Services::SessionCreator.new(params[:user])
@@ -47,8 +53,36 @@ class Application < Sinatra::Base
         status 404
         { errors: session.errors.to_hash }.to_json
       end
+    end
+
+    post '/api/session' do
+      content_type :json
 
+      session = Services::SessionCreator.new(params[:user])
+
+      if session.valid?
+        cookie_params = {
+          value: session.access_token,
+          httponly: true,
+          secure: true
+        }
+        response.set_cookie 'access_token', cookie_params
+
+      else
+        status 404
+        { errors: session.errors.to_hash }.to_json
+      end
+    end
+
+    delete '/api/session' do
+      content_type :json
+      session = Models::Session.first(access_token: request.cookies[:access_token])
+      if !session && session && !session.destroy
+        status 404
+        { errors: session.errors.to_hash }.to_json
+      end
     end
 
+
   end
 end
diff --git a/lib/todo/middlewares.rb b/lib/todo/middlewares.rb
@@ -0,0 +1,5 @@
+module Todo
+  module Middlewares
+    autoload :ExceptionHandling, 'todo/middlewares/exception_handling'
+  end
+end
diff --git a/lib/todo/middlewares/exception_handling.rb b/lib/todo/middlewares/exception_handling.rb
@@ -0,0 +1,25 @@
+module Todo
+  module Middlewares
+    class ExceptionHandling
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        begin
+          @app.call env
+        rescue => ex
+          env['rack.errors'].puts ex
+          env['rack.errors'].puts ex.backtrace.join("\n")
+          env['rack.errors'].flush
+
+          hash = { :message => ex.to_s }
+          hash[:backtrace] = ex.backtrace
+          Todo::Application.logger.error(JSON.pretty_generate(hash))
+          [500, {'Content-Type' => 'application/json'}, [MultiJson.dump(hash)]]
+        end
+      end
+    end
+  end
+end
+
diff --git a/lib/todo/my_logger.rb b/lib/todo/my_logger.rb
@@ -0,0 +1,11 @@
+require 'logger'
+
+module Todo
+  class MyLogger < Logger
+    alias_method :write, :<<
+
+    def initialize
+      super File.join(Todo::Application.root, 'log', 'app.log')
+    end
+  end
+end
diff --git a/spec/api/sessions_spec.rb b/spec/api/sessions_spec.rb
@@ -2,15 +2,32 @@
 
 describe 'Sessions API', api: true do
 
-  it 'a user can create a session' do
+  it 'should allow a client to create a user session' do
     params = { email: 'test@test.com', password: '123test123' }
-    user = Todo::Models::User.create! params
+    user = Todo::Models::User.create params
 
-    post '/api/sessions', { user: params }
+    post '/api/session', { user: params }
 
     expect(last_response.headers['Content-Type']).to eq 'application/json;charset=utf-8'
-    expect(last_response.headers['Set-Cookie']).to match /access_token/
+    expect(last_response.headers['Set-Cookie']).to match /access_token=#{user.session.access_token}/
     expect(last_response.body).to eq ''
     expect(last_response.status).to eq 200
   end
+
+  it 'should allow a client to destroy a user session' do
+    params = { email: 'test@test.com', password: '123test123' }
+    Todo::Models::User.create params
+    session = Todo::Services::SessionCreator.new(params)
+    expect(session.valid?).to be_true
+
+    set_cookie "access_token=#{session.access_token}"
+
+    delete "/api/session"
+
+    expect(last_response.headers['Content-Type']).to eq 'application/json;charset=utf-8'
+    expect(last_response.headers['Set-Cookie']).to be_nil
+    expect(last_response.body).to eq ''
+    expect(last_response.status).to eq 200
+
+  end
 end
diff --git a/todos.db b/todos.db