diff --git a/app/builders/account_builder.rb b/app/builders/account_builder.rb
index 8aee6bd3c..c02bea13f 100644
--- a/app/builders/account_builder.rb
+++ b/app/builders/account_builder.rb
@@ -2,11 +2,7 @@ class AccountBuilder
 include CustomExceptions::Account
-
- def initialize(params)
- @account_name = params[:account_name]
- @email = params[:email]
- end
+ pattr_initialize [:account_name!, :email!]
 def perform
 validate_email
diff --git a/app/controllers/api/v1/accounts_controller.rb b/app/controllers/api/v1/accounts_controller.rb
index 9f96c991e..35f28d337 100644
--- a/app/controllers/api/v1/accounts_controller.rb
+++ b/app/controllers/api/v1/accounts_controller.rb
@@ -1,4 +1,6 @@
 class Api::V1::AccountsController < Api::BaseController
+ include AuthHelper
+
 skip_before_action :verify_authenticity_token, only: [:create]
 skip_before_action :authenticate_user!, :set_current_user, :check_subscription, :handle_with_exception, only: [:create], raise: false
@@ -9,9 +11,9 @@ class Api::V1::AccountsController < Api::BaseController
 with: :render_error_response
 def create
- @user = AccountBuilder.new(params).perform
+ @user = AccountBuilder.new(account_params).perform
 if @user
- set_headers(@user)
+ send_auth_headers(@user)
 render json: {
 data: @user.token_validation_response
 }
@@ -22,12 +24,7 @@ class Api::V1::AccountsController < Api::BaseController
 private
- def set_headers(user)
- data = user.create_new_auth_token
- response.headers[DeviseTokenAuth.headers_names[:"access-token"]] = data['access-token']
- response.headers[DeviseTokenAuth.headers_names[:"token-type"]] = 'Bearer'
- response.headers[DeviseTokenAuth.headers_names[:client]] = data['client']
- response.headers[DeviseTokenAuth.headers_names[:expiry]] = data['expiry']
- response.headers[DeviseTokenAuth.headers_names[:uid]] = data['uid']
+ def account_params
+ params.permit(:account_name, :email).to_h
 end
 end
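Review bot: With `pattr_initialize [:account_name!, :email!]` in app/builders/account_builder.rb both keys become required at construction, so a signup request that omits either one fails inside the generated initializer (a `KeyError`, as far as I know attr_extras) before `validate_email` and the `CustomExceptions::Account` handling are reached. The caller in this commit is the unauthenticated `create` action, and its `rescue_from` list is only partly visible in the diff, so it is not clear that this ends as a clean 4xx rather than a 500. I would reject missing fields at the boundary, for example `params.require(:email)` and `params.require(:account_name)` ahead of the `permit` in `account_params`, or add the initializer's error to the controller's `rescue_from`. The class body continues outside the hunk.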
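Review bot: `account_params` returns `params.permit(:account_name, :email).to_h`, which is a string-keyed `HashWithIndifferentAccess`, while the initializer generated by `pattr_initialize` is declared with symbol names. Whether that initializer accepts string keys is not visible in this diff, and the new request spec stubs `AccountBuilder.new`, so nothing here exercises the real hand-off. I would pass explicit symbol keys, e.g. `params.permit(:account_name, :email).to_h.symbolize_keys`, and keep one spec that runs the real builder.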
diff --git a/app/controllers/concerns/auth_helper.rb b/app/controllers/concerns/auth_helper.rb
new file mode 100644
index 000000000..2000276f0
--- /dev/null
+++ b/app/controllers/concerns/auth_helper.rb
@@ -0,0 +1,10 @@
+module AuthHelper
+ def send_auth_headers(user)
+ data = user.create_new_auth_token
+ response.headers[DeviseTokenAuth.headers_names[:"access-token"]] = data['access-token']
+ response.headers[DeviseTokenAuth.headers_names[:"token-type"]] = 'Bearer'
+ response.headers[DeviseTokenAuth.headers_names[:client]] = data['client']
+ response.headers[DeviseTokenAuth.headers_names[:expiry]] = data['expiry']
+ response.headers[DeviseTokenAuth.headers_names[:uid]] = data['uid']
+ end
+end
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
index 84b2cbef4..873da9d3f 100644
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@@ -1,4 +1,6 @@
 class PasswordsController < Devise::PasswordsController
+ include AuthHelper
+
 skip_before_action :require_no_authentication, raise: false
 skip_before_action :authenticate_user!, raise: false
@@ -8,7 +10,7 @@ class PasswordsController < Devise::PasswordsController
 reset_password_token = Devise.token_generator.digest(self, :reset_password_token, original_token)
 @recoverable = User.find_by(reset_password_token: reset_password_token)
 if @recoverable && reset_password_and_confirmation(@recoverable)
- set_headers(@recoverable)
+ send_auth_headers(@recoverable)
 render json: {
 data: @recoverable.token_validation_response
 }
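Review bot: `send_auth_headers` is defined as a public method in `AuthHelper`, whereas the `set_headers` copies it replaces sat under `private` in `Api::V1::AccountsController` and under `protected` in `PasswordsController`. Public instance methods that a controller gains through an included module count as action methods in Rails, so a broad or wildcard route could address this method by name. It takes an argument, so such a request would most likely only raise, but a helper that calls `create_new_auth_token` should not be part of the routable surface. Add a `private` line above `def send_auth_headers(user)` in the module, plus a one-line comment stating that each call issues a fresh token for the user and writes it to the response headers.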
@@ -29,15 +31,6 @@ class PasswordsController < Devise::PasswordsController
 protected
- def set_headers(user)
- data = user.create_new_auth_token
- response.headers[DeviseTokenAuth.headers_names[:"access-token"]] = data['access-token']
- response.headers[DeviseTokenAuth.headers_names[:"token-type"]] = 'Bearer'
- response.headers[DeviseTokenAuth.headers_names[:client]] = data['client']
- response.headers[DeviseTokenAuth.headers_names[:expiry]] = data['expiry']
- response.headers[DeviseTokenAuth.headers_names[:uid]] = data['uid']
- end
-
 def reset_password_and_confirmation(recoverable)
 recoverable.confirm unless recoverable.confirmed? # confirm if user resets password without confirming anytime before
 recoverable.reset_password(params[:password], params[:password_confirmation])
diff --git a/spec/controllers/api/v1/accounts_controller_spec.rb b/spec/controllers/api/v1/accounts_controller_spec.rb
new file mode 100644
index 000000000..436f6f234
--- /dev/null
+++ b/spec/controllers/api/v1/accounts_controller_spec.rb
@@ -0,0 +1,28 @@
+require 'rails_helper'
+
+RSpec.describe 'Accounts API', type: :request do
+ describe 'POST /api/v1/accounts' do
+ context 'when posting to accounts with correct parameters' do
+ let(:account_builder) { double }
+ let(:email) { Faker::Internet.email }
+ let(:user) { create(:user, email: email) }
+
+ before do
+ allow(AccountBuilder).to receive(:new).and_return(account_builder)
+ allow(account_builder).to receive(:perform).and_return(user)
+ end
+
+ it 'calls account builder' do
+ params = { account_name: 'test', email: email }
+
+ post api_v1_accounts_url,
+ params: params,
+ as: :json
+
+ expect(AccountBuilder).to have_received(:new).with(params)
+ expect(account_builder).to have_received(:perform)
+ expect(response.headers.keys).to include('access-token', 'token-type', 'client', 'expiry', 'uid')
+ end
+ end
+ end
+end
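Review bot: The only example in accounts_controller_spec.rb covers the success path with `AccountBuilder` replaced by a double, so the spec never sends a request with a missing or malformed `email` to this unauthenticated endpoint. Since `create` hands out auth headers, I would add a failure example that posts without `email` and asserts an error status plus `expect(response.headers.keys).not_to include('access-token')`. The header assertion in the existing example also checks key presence only; asserting that `response.headers['token-type']` equals `'Bearer'` would pin the one value the helper sets as a literal.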