mardi 16 juin 2020

Test user registration using RSpec with JWT token

I can't authorize to my app using JWT token in header params when I test it in RSpec. I try manually create token and use it inside request header to authorize, but RSpec says that I'm not authorized. Can someone tell me what the mistake is?

My RSpec test with this error:

require 'rails_helper'

RSpec.describe "Api::V1::Users", type: :request do
  let(:user) { create(:user, password: "password", password_confirmation: "password") }
  let (:token_new) { Users::CreateTokenService.call(user)}
  let(:token) do
    {  "Authorization": "Bearer #{token_new}"  }
  end

  describe "GET api/v1/user#show" do
    context "correct params are passed" do
      subject { get api_v1_user_path( format: :json, params: {}, headers: token  )  }

      it "returns correct status" do
        subject
        expect(response).to have_http_status(200)
      end
    end
  end
end

Service to create token:

module Users
  class CreateTokenService < ApplicationService
    attr_accessor :user

    def initialize(user)
      @user = user
    end

    def call
      user.update_attribute(:jti, SecureRandom.uuid)
      time = Time.now.to_i + 4 * 3600
      payload = { user_id: user.id, exp: time, jti: user.jti }
      token =  JWT.encode(payload, Rails.application.secrets.secret_key_base)
    end

  end
end

User controller inside api/v1/users_controller.rb:

module Api
  module V1
    class UsersController < BaseController
      skip_before_action :require_login, only: %i[create]

      def index
        users = User.search(params[:search]).limit(10)
        render :index, locals: { users: users }
      end

      def create
        user = User.new(user_params)
        if user.save
          token =  Users::CreateTokenService.call(user)
          render partial: 'api/v1/users/user', locals: { user: user }, status: 201
          response.set_header('Authorization: Bearer', token)
        else
          render json: { errors: user.errors.full_messages }, status: 422
        end
      end

      def show
        render partial: 'api/v1/users/user', locals: { user: session_user }, status: 200
      end

      private

      def user_params
        params.permit(:email, :password, :first_name, :last_name)
      end

    end
  end
end

And RSpec error:

  1) Api::V1::Users GET api/v1/user#show correct params are passed returns correct status
     Failure/Error: expect(response).to have_http_status(200)
       expected the response to have status code 200 but it was 401
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)