Merge branch 'api'

This commit is contained in:
randx 2012-09-20 19:35:56 +03:00
commit 49fe8fed11
4 changed files with 19 additions and 10 deletions

View file

@ -13,6 +13,8 @@
%a{href: "#snippets"} Snippets %a{href: "#snippets"} Snippets
%li %li
%a{href: "#users"} Users %a{href: "#users"} Users
%li
%a{href: "#session"} Session
%li %li
%a{href: "#issues"} Issues %a{href: "#issues"} Issues
%li %li
@ -58,6 +60,16 @@
%br %br
.file_holder#session
.file_title
%i.icon-file
Session
.file_content.wiki
= preserve do
= markdown File.read(Rails.root.join("doc", "api", "session.md"))
%br
.file_holder#issues .file_holder#issues
.file_title .file_title
%i.icon-file %i.icon-file

View file

@ -9,8 +9,8 @@ module Gitlab
expose :id, :email, :name, :blocked, :created_at expose :id, :email, :name, :blocked, :created_at
end end
class UserLogin < Grape::Entity class UserLogin < UserBasic
expose :id, :email, :name, :private_token, :blocked, :created_at expose :private_token
end end
class Hook < Grape::Entity class Hook < Grape::Entity
@ -56,9 +56,7 @@ module Gitlab
end end
class Key < Grape::Entity class Key < Grape::Entity
expose :id, expose :id, :title, :key
:title,
:key
end end
end end
end end

View file

@ -8,14 +8,13 @@ module Gitlab
post "/session" do post "/session" do
resource = User.find_for_database_authentication(email: params[:email]) resource = User.find_for_database_authentication(email: params[:email])
return forbidden! unless resource return unauthorized! unless resource
if resource.valid_password?(params[:password]) if resource.valid_password?(params[:password])
present resource, with: Entities::UserLogin present resource, with: Entities::UserLogin
else else
forbidden! unauthorized!
end end
end end
end end
end end

View file

@ -19,7 +19,7 @@ describe Gitlab::API do
context "when invalid password" do context "when invalid password" do
it "should return authentication error" do it "should return authentication error" do
post api("/session"), email: user.email, password: '123' post api("/session"), email: user.email, password: '123'
response.status.should == 403 response.status.should == 401
json_response['email'].should be_nil json_response['email'].should be_nil
json_response['private_token'].should be_nil json_response['private_token'].should be_nil
@ -29,7 +29,7 @@ describe Gitlab::API do
context "when empty password" do context "when empty password" do
it "should return authentication error" do it "should return authentication error" do
post api("/session"), email: user.email post api("/session"), email: user.email
response.status.should == 403 response.status.should == 401
json_response['email'].should be_nil json_response['email'].should be_nil
json_response['private_token'].should be_nil json_response['private_token'].should be_nil