gitlab-org--gitlab-foss/spec/requests/api/session_spec.rb

require 'spec_helper'

describe API::API, api: true  do
  include ApiHelpers

  let(:user) { create(:user) }

  describe "POST /session" do
    context "when valid password" do
      it "should return private token" do
        post api("/session"), email: user.email, password: '12345678'
        response.status.should == 201

        json_response['email'].should == user.email
        json_response['private_token'].should == user.private_token
        json_response['is_admin'].should == user.is_admin?
        json_response['can_create_project'].should == user.can_create_project?
        json_response['can_create_group'].should == user.can_create_group?
      end
    end

    context "when invalid password" do
      it "should return authentication error" do
        post api("/session"), email: user.email, password: '123'
        response.status.should == 401

        json_response['email'].should be_nil
        json_response['private_token'].should be_nil
      end
    end

    context "when empty password" do
      it "should return authentication error" do
        post api("/session"), email: user.email
        response.status.should == 401

        json_response['email'].should be_nil
        json_response['private_token'].should be_nil
      end
    end

    context "when empty name" do
      it "should return authentication error" do
        post api("/session"), password: user.password
        response.status.should == 401

        json_response['email'].should be_nil
        json_response['private_token'].should be_nil
      end
    end
  end
end
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00			`require 'spec_helper'`

Added API testing group 2014-04-11 15:45:56 -04:00			`describe API::API, api: true do`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00			`include ApiHelpers`

Remove backward compatibility of factories. 2012-11-05 22:31:55 -05:00			`let(:user) { create(:user) }`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00
			`describe "POST /session" do`
			`context "when valid password" do`
			`it "should return private token" do`
Fix session spec because of password length Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-11-25 15:33:04 -05:00			`post api("/session"), email: user.email, password: '12345678'`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00			`response.status.should == 201`

			`json_response['email'].should == user.email`
			`json_response['private_token'].should == user.private_token`
Abilities added to /user and /sign_in requests 2013-03-18 16:11:28 -04:00			`json_response['is_admin'].should == user.is_admin?`
			`json_response['can_create_project'].should == user.can_create_project?`
			`json_response['can_create_group'].should == user.can_create_group?`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00			`end`
			`end`

			`context "when invalid password" do`
			`it "should return authentication error" do`
			`post api("/session"), email: user.email, password: '123'`
API: return 401 for invalid session 2012-09-20 11:38:08 -04:00			`response.status.should == 401`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00
			`json_response['email'].should be_nil`
			`json_response['private_token'].should be_nil`
			`end`
			`end`

			`context "when empty password" do`
			`it "should return authentication error" do`
			`post api("/session"), email: user.email`
API: return 401 for invalid session 2012-09-20 11:38:08 -04:00			`response.status.should == 401`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00
			`json_response['email'].should be_nil`
			`json_response['private_token'].should be_nil`
			`end`
			`end`
API: session documentation updated and test added 2013-02-27 06:58:06 -05:00
			`context "when empty name" do`
			`it "should return authentication error" do`
			`post api("/session"), password: user.password`
			`response.status.should == 401`

			`json_response['email'].should be_nil`
			`json_response['private_token'].should be_nil`
			`end`
			`end`
I want be able to get token via api. Used for mobile applications 2012-09-20 10:44:44 -04:00			`end`
			`end`