I can't authorize to my app using JWT token in header params when I test it in RSpec. I try manually create token and use it inside request header to authorize, but RSpec says that I'm not authorized. Can someone tell me what the mistake is?
My RSpec test with this error:
require 'rails_helper'
RSpec.describe "Api::V1::Users", type: :request do
let(:user) { create(:user, password: "password", password_confirmation: "password") }
let (:token_new) { Users::CreateTokenService.call(user)}
let(:token) do
{ "Authorization": "Bearer #{token_new}" }
end
describe "GET api/v1/user#show" do
context "correct params are passed" do
subject { get api_v1_user_path( format: :json, params: {}, headers: token ) }
it "returns correct status" do
subject
expect(response).to have_http_status(200)
end
end
end
end
Service to create token:
module Users
class CreateTokenService < ApplicationService
attr_accessor :user
def initialize(user)
@user = user
end
def call
user.update_attribute(:jti, SecureRandom.uuid)
time = Time.now.to_i + 4 * 3600
payload = { user_id: user.id, exp: time, jti: user.jti }
token = JWT.encode(payload, Rails.application.secrets.secret_key_base)
end
end
end
User controller inside api/v1/users_controller.rb:
module Api
module V1
class UsersController < BaseController
skip_before_action :require_login, only: %i[create]
def index
users = User.search(params[:search]).limit(10)
render :index, locals: { users: users }
end
def create
user = User.new(user_params)
if user.save
token = Users::CreateTokenService.call(user)
render partial: 'api/v1/users/user', locals: { user: user }, status: 201
response.set_header('Authorization: Bearer', token)
else
render json: { errors: user.errors.full_messages }, status: 422
end
end
def show
render partial: 'api/v1/users/user', locals: { user: session_user }, status: 200
end
private
def user_params
params.permit(:email, :password, :first_name, :last_name)
end
end
end
end
And RSpec error:
1) Api::V1::Users GET api/v1/user#show correct params are passed returns correct status
Failure/Error: expect(response).to have_http_status(200)
expected the response to have status code 200 but it was 401
Aucun commentaire:
Enregistrer un commentaire