I want be able to get token via api. Used for mobile applications
This commit is contained in:
parent
37817cc31d
commit
9aafe77e70
|
@ -30,6 +30,7 @@ When listing resources you can pass the following parameters:
|
|||
## Contents
|
||||
|
||||
+ [Users](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/users.md)
|
||||
+ [Session](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/session.md)
|
||||
+ [Projects](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/projects.md)
|
||||
+ [Snippets](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/snippets.md)
|
||||
+ [Issues](https://github.com/gitlabhq/gitlabhq/blob/master/doc/api/issues.md)
|
||||
|
|
22
doc/api/session.md
Normal file
22
doc/api/session.md
Normal file
|
@ -0,0 +1,22 @@
|
|||
Login to get private token
|
||||
|
||||
```
|
||||
POST /session
|
||||
```
|
||||
|
||||
Parameters:
|
||||
|
||||
+ `email` (required) - The email of user
|
||||
+ `password` (required) - Valid password
|
||||
|
||||
|
||||
```json
|
||||
{
|
||||
"id": 1,
|
||||
"email": "john@example.com",
|
||||
"name": "John Smith",
|
||||
"private_token": "dd34asd13as",
|
||||
"created_at": "2012-05-23T08:00:58Z",
|
||||
"blocked": true
|
||||
}
|
||||
```
|
|
@ -18,5 +18,6 @@ module Gitlab
|
|||
mount Issues
|
||||
mount Milestones
|
||||
mount Keys
|
||||
mount Session
|
||||
end
|
||||
end
|
||||
|
|
|
@ -9,6 +9,10 @@ module Gitlab
|
|||
expose :id, :email, :name, :blocked, :created_at
|
||||
end
|
||||
|
||||
class UserLogin < Grape::Entity
|
||||
expose :id, :email, :name, :private_token, :blocked, :created_at
|
||||
end
|
||||
|
||||
class Hook < Grape::Entity
|
||||
expose :id, :url
|
||||
end
|
||||
|
|
21
lib/api/session.rb
Normal file
21
lib/api/session.rb
Normal file
|
@ -0,0 +1,21 @@
|
|||
module Gitlab
|
||||
# Users API
|
||||
class Session < Grape::API
|
||||
# Login to get token
|
||||
#
|
||||
# Example Request:
|
||||
# POST /session
|
||||
post "/session" do
|
||||
resource = User.find_for_database_authentication(email: params[:email])
|
||||
|
||||
return forbidden! unless resource
|
||||
|
||||
if resource.valid_password?(params[:password])
|
||||
present resource, with: Entities::UserLogin
|
||||
else
|
||||
forbidden!
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
39
spec/requests/api/session_spec.rb
Normal file
39
spec/requests/api/session_spec.rb
Normal file
|
@ -0,0 +1,39 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe Gitlab::API do
|
||||
include ApiHelpers
|
||||
|
||||
let(:user) { Factory :user }
|
||||
|
||||
describe "POST /session" do
|
||||
context "when valid password" do
|
||||
it "should return private token" do
|
||||
post api("/session"), email: user.email, password: '123456'
|
||||
response.status.should == 201
|
||||
|
||||
json_response['email'].should == user.email
|
||||
json_response['private_token'].should == user.private_token
|
||||
end
|
||||
end
|
||||
|
||||
context "when invalid password" do
|
||||
it "should return authentication error" do
|
||||
post api("/session"), email: user.email, password: '123'
|
||||
response.status.should == 403
|
||||
|
||||
json_response['email'].should be_nil
|
||||
json_response['private_token'].should be_nil
|
||||
end
|
||||
end
|
||||
|
||||
context "when empty password" do
|
||||
it "should return authentication error" do
|
||||
post api("/session"), email: user.email
|
||||
response.status.should == 403
|
||||
|
||||
json_response['email'].should be_nil
|
||||
json_response['private_token'].should be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue