
Enabling users to create api sessions

1 parent d9b2bc3 commit d699699c88bcc5efdfa24fac10bc95f55d81beee @chischaschos committed Feb 19, 2014
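--- a/lib/todo.rb
+++ b/lib/todo.rb
@@ -5,4 +5,5 @@
 module Todo
 autoload :Application, 'todo/application'
 autoload :Models, 'todo/models'
+ autoload :Services, 'todo/services'
 end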
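--- a/lib/todo/application.rb
+++ b/lib/todo/application.rb
@@ -4,6 +4,13 @@ module Todo
 class Application < Sinatra::Base
 set :root, File.realpath(File.join(File.dirname(__FILE__), '..', '..'))
+ set :logging, true
+ set :dump_errors, true
+
+ configure do
+ DataMapper::Logger.new($stdout, :debug)
+ DataMapper.setup(:default, "sqlite://#{File.join(Todo::Application.root, 'todos.db')}")
+ end
 get '/' do
 haml :index
@@ -23,5 +30,25 @@ class Application < Sinatra::Base
 end
 end
+ post '/api/sessions' do
+ content_type :json
+
+ session = Services::SessionCreator.new(params[:user])
+
+ if session.valid?
+ cookie_params = {
+ value: session.access_token,
+ httponly: true,
+ secure: true
+ }
+ response.set_cookie 'access_token', cookie_params
+
+ else
+ status 404
+ { errors: session.errors.to_hash }.to_json
+ end
+
+ end
+
 end
 end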
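Review bot: In `post '/api/sessions'`, `params[:user]` goes to `Services::SessionCreator.new` without a check that it is present and a hash, so a request without a `user` parameter reaches `@params[:email]` on nil and ends as a 500 that `set :dump_errors, true` logs with a backtrace. A guard before the constructor, e.g. `halt 400, { errors: { user: 'missing' } }.to_json unless params[:user].is_a?(Hash)`, keeps malformed logins on a controlled path, and a failed login would read better as `status 401` than 404. The `configure` block in the first hunk sets the DataMapper logger to `:debug` unconditionally; because the user lookup filters on the password column, the submitted credentials are likely to show up in the SQL written to stdout, so I would restrict that level to development. The cookie is `httponly` and `secure` but carries no `expires`/`max_age`, and nothing visible in this commit expires the stored token either.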
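--- a/lib/todo/models.rb
+++ b/lib/todo/models.rb
@@ -1,7 +1,8 @@
 module Todo
 module Models
- require 'todo/models/db'
+
 require 'todo/models/user'
+ require 'todo/models/session'
 DataMapper.finalize
 DataMapper.auto_upgrade!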
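--- a/lib/todo/models/db.rb
+++ b/lib/todo/models/db.rb
@@ -1,2 +0,0 @@
-DataMapper::Logger.new($stdout, :debug)
-DataMapper.setup(:default, "sqlite://#{File.join(Todo::Application.root, 'todos.db')}")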
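--- a/lib/todo/models/session.rb
+++ b/lib/todo/models/session.rb
@@ -0,0 +1,18 @@
+require 'securerandom'
+
+module Todo
+ module Models
+ class Session
+ include DataMapper::Resource
+
+ property :access_token, String
+
+ belongs_to :user, 'Todo::Models::User', key: true
+
+ before :create do |session|
+ session.access_token = SecureRandom.uuid
+ end
+
+ end
+ end
+end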
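Review bot: `belongs_to :user, 'Todo::Models::User', key: true` makes the user the session's primary key, so each user can hold only one row; a second login for the same user will presumably fail inside `Session.create`, and `SessionCreator#create_session` turns that into `fail 'Session could not be created'`, i.e. a 500 instead of a fresh token. Either give the session its own `Serial` key or replace the existing row on login. The model also stores the token verbatim with no creation or expiry timestamp, so a token stays valid as long as the row exists and anyone who can read the table can reuse it. Adding `property :created_at, DateTime` and persisting only a digest of the token would bound both. `SecureRandom.uuid` is a reasonable random source for the value itself.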
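--- a/lib/todo/models/user.rb
+++ b/lib/todo/models/user.rb
@@ -1,4 +1,3 @@
-
 module Todo
 module Models
 class User
@@ -8,6 +7,8 @@ class User
 property :email, String
 property :password, String
+ has 1, :session, 'Todo::Models::Session'
+
 validates_presence_of :email
 validates_format_of :email, as: :email_address
 validates_uniqueness_of :email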
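--- a/lib/todo/services.rb
+++ b/lib/todo/services.rb
@@ -0,0 +1,5 @@
+module Todo
+ module Services
+ autoload :SessionCreator, 'todo/services/session_creator'
+ end
+end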
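--- a/lib/todo/services/session_creator.rb
+++ b/lib/todo/services/session_creator.rb
@@ -0,0 +1,41 @@
+module Todo
+ module Services
+ class SessionCreator
+
+ def initialize(params)
+ @params = params
+ @result = nil
+ end
+
+ def valid?
+ !!user
+ end
+
+ def access_token
+ user && !@session && create_session
+ @access_token
+ end
+
+ def errors
+ { password: 'email or password invalid' }
+ end
+
+ private
+
+ def user
+ @user ||= Todo::Models::User.first(email: @params[:email],
+ password: @params[:password])
+ end
+
+ def create_session
+ @session = Models::Session.create user: @user
+ if @session.saved?
+ @access_token = @session.access_token
+ else
+ fail 'Session could not be created'
+ end
+ end
+
+ end
+ end
+end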
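Review bot: `user` authenticates with `User.first(email: ..., password: ...)`, which can only match if the `password` column (`property :password, String` in lib/todo/models/user.rb) holds the password in plaintext, so any read of the database discloses every credential. Store a salted adaptive hash (bcrypt, scrypt or Argon2) instead, look the user up by email alone, and verify the submitted password against the stored hash. The values come straight from request parameters, which can be arrays or hashes rather than strings; coercing them first, `email = @params[:email].to_s`, keeps the query condition a plain equality. Separately, `@user ||=` does not cache a nil result, so every `valid?` or `access_token` call after a failed lookup repeats the query, and `@result` in `initialize` is never read.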
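--- a/spec/api/sessions_spec.rb
+++ b/spec/api/sessions_spec.rb
@@ -1,3 +1,16 @@
-describe 'Sessions API' do
- it 'a user can create a session'
+require 'spec_helper'
+
+describe 'Sessions API', api: true do
+
+ it 'a user can create a session' do
+ params = { email: 'test@test.com', password: '123test123' }
+ user = Todo::Models::User.create! params
+
+ post '/api/sessions', { user: params }
+
+ expect(last_response.headers['Content-Type']).to eq 'application/json;charset=utf-8'
+ expect(last_response.headers['Set-Cookie']).to match /access_token/
+ expect(last_response.body).to eq ''
+ expect(last_response.status).to eq 200
+ end
 end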
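Review bot: The example covers only a successful login, and `match /access_token/` passes for any cookie with that name regardless of its attributes. I would also assert the flags the route sets, e.g. `expect(last_response.headers['Set-Cookie']).to match(/HttpOnly/i)` and the same for `secure`. It also needs an example that posts a wrong password and expects the error status, the `errors` JSON body and no `Set-Cookie` header. spec/services/session_creator_spec.rb has the same gap: `expect(session_creator.errors).not_to be_nil` cannot fail because `errors` returns a fixed hash, so an invalid-credentials example asserting that `valid?` is false would say more.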
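--- a/spec/services/session_creator_spec.rb
+++ b/spec/services/session_creator_spec.rb
@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe Todo::Services::SessionCreator do
+
+ it 'successfully creates a session for an existing user' do
+ params = { email: 'test@test.com', password: '123test123' }
+ user = Todo::Models::User.create! params
+ session_creator = Todo::Services::SessionCreator.new params
+ expect(session_creator.valid?).to be_true
+ expect(session_creator.access_token).not_to be_nil
+ expect(session_creator.errors).not_to be_nil
+ end
+
+end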
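--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -13,10 +13,6 @@
 RSpec.configure do |config|
 config.before(:each) do
- DatabaseCleaner.start
- end
-
- config.after(:each) do
 DatabaseCleaner.clean
 end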
BIN todos.db
Binary file not shown.
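Review bot: todos.db is committed as a binary, and it has the same name as the SQLite file that `DataMapper.setup` opens in the application root. If it is that database, it carries whatever user rows and session tokens existed locally, and since passwords are matched in plaintext those would be readable from the repository history. I would drop it from the commit and add `todos.db` to `.gitignore`.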

0 comments on commit d699699
