diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..2614668
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,30 @@
+
+GOOGLE_CLIENT_ID: ''
+GOOGLE_CLIENT_SECRET: ''
+BUGSNAG_API_KEY:
+BASE_ANDELA_URL: ''
+
+development:
+ SLACK_CLIENT_ID: ''
+ SLACK_CLIENT_SECRET:
+ ELASTIC_SEARCH_HOST_URL:
+ REDISTOGO_URL:
+ ZI_NOTIFICATION_URL:
+ BASE_URL:
+ ANDELA_AUTH_URL:
+ NEW_RELIC_LICENSE_KEY:
+
+staging:
+ ZI_NOTIFICATION_URL:
+ BASE_URL:
+ ANDELA_AUTH_URL:
+
+production:
+ ZI_NOTIFICATION_URL:
+ BASE_URL:
+ ANDELA_AUTH_URL:
+
+test:
+ ZI_NOTIFICATION_URL:
+ BASE_URL:
+ ANDELA_AUTH_URL:
diff --git a/Gemfile b/Gemfile
index 36a2644..263f5c1 100644
--- a/Gemfile
+++ b/Gemfile
@@ -15,7 +15,6 @@ gem "jwt" gem 'rack-cors' # for perfomance and monitoring timeout ensures that when a request is taking too long, it is automatically terminated # new relic provides a dashboard to view the perfomance of our application -gem "rack-timeout" gem 'newrelic_rpm' gem "bugsnag"
@@ -23,6 +22,9 @@ gem "bugsnag" gem 'elasticsearch-model' gem 'elasticsearch-rails' +gem 'faraday' +gem 'faraday_middleware' + # sidekiq for asynchronous jobs. relevant to enable app to keep functioning even when there are long running jobs gem 'sidekiq' gem 'sidekiq-failures'
@@ -56,9 +58,11 @@ group :test do gem "json-schema" gem "mock_redis" gem 'rspec-sidekiq' + gem 'webmock' end group :production, :staging do + gem "rack-timeout" gem "pg" gem "rails_12factor" end
diff --git a/Gemfile.lock b/Gemfile.lock
index c83bf1f..7471479 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -57,6 +57,8 @@ GEM term-ansicolor (~> 1.3) thor (~> 0.19.1) tins (~> 1.6.0) + crack (0.4.3) + safe_yaml (~> 1.0.0) database_cleaner (1.5.1) diff-lcs (1.2.5) docile (1.1.5)
@@ -88,6 +90,8 @@ GEM i18n (~> 0.5) faraday (0.9.2) multipart-post (>= 1.2, < 3) + faraday_middleware (0.10.0) + faraday (>= 0.7.4, < 0.10) ffi (1.9.10) figaro (1.1.1) thor (~> 0.14)
@@ -108,6 +112,7 @@ GEM guard (~> 2.1) guard-compat (~> 1.1) rspec (>= 2.99.0, < 4.0) + hashdiff (0.3.2) hashie (3.4.3) http-cookie (1.0.2) domain_name (~> 0.5)
@@ -234,6 +239,7 @@ GEM rspec-support (3.4.1) ruby-prof (0.15.9) ruby_dep (1.3.1) + safe_yaml (1.0.4) shellany (0.0.1) shoulda-matchers (3.0.1) activesupport (>= 4.0.0)
@@ -278,6 +284,10 @@ GEM unf (0.1.4) unf_ext unf_ext (0.0.7.1) + webmock (2.3.2) + addressable (>= 2.3.6) + crack (>= 0.3.2) + hashdiff will_paginate (3.1.0) PLATFORMS
@@ -295,6 +305,8 @@ DEPENDENCIES elasticsearch-rails factory_girl_rails faker + faraday + faraday_middleware figaro guard-rspec jbuilder
@@ -324,10 +336,11 @@ DEPENDENCIES sinatra (>= 1.3.0) spring sqlite3 + webmock will_paginate RUBY VERSION ruby 2.3.1p112 BUNDLED WITH - 1.12.5 + 1.14.1
diff --git a/app/authenticators/andela_auth_v2.rb b/app/authenticators/andela_auth_v2.rb
new file mode 100644
index 0000000..7e823d4
--- /dev/null
+++ b/app/authenticators/andela_auth_v2.rb
@@ -0,0 +1,32 @@
+class AndelaAuthV2
+ attr_reader :response
+
+ def self.authenticate(token)
+ conn = Connection::FaradayConnection.connection(token)
+ response = conn.get('/api/v1/users/me')
+ new(response)
+ end
+
+ def initialize(response)
+ @response = response
+ end
+
+ def body
+ @body ||= JSON.parse(response.body)
+ end
+
+ def authenticated?
+ # check response status and body
+ !body.include? 'error'
+ end
+
+ def current_user
+ if authenticated?
+ body
+ else
+ raise UserNotFoundError.new('User could not be found')
+ end
+ end
+
+ class UserNotFoundError < StandardError; end
+end
diff --git a/app/authenticators/authenticator.rb b/app/authenticators/authenticator.rb
new file mode 100644
index 0000000..22d88c6
--- /dev/null
+++ b/app/authenticators/authenticator.rb
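Review bot: In app/authenticators/andela_auth_v2.rb, `authenticated?` never looks at the HTTP status even though its comment says it checks status and body, so any response whose JSON lacks an `error` key is treated as a signed-in user. `body` also runs `JSON.parse` on whatever the auth server returned, so a non-JSON reply (an HTML error page, an empty body) raises out of the `before_action` instead of producing a 401, and if the parsed value is not a Hash then `include?` tests something else entirely. I would make the check explicit, e.g. `response.status == 200 && body.is_a?(Hash) && !body.key?('error')`, and rescue `JSON::ParserError` in `body` so a malformed reply counts as unauthenticated.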
@@ -0,0 +1,24 @@
+require_relative 'andela_auth_v2'
+
+class Authenticator
+ attr_reader :request
+ attr_accessor :user
+
+ def initialize(request)
+ @request = request
+ end
+
+ def authenticated?
+ if request.headers['Authorization']
+ strategy, token = request.headers['Authorization'].split
+ auth = AndelaAuthV2.authenticate(token)
+ if strategy == 'Bearer' && auth.authenticated?
+ return @user = auth.current_user
+ else
+ return false
+ end
+ else
+ return false
+ end
+ end
+end
\ No newline at end of file
diff --git a/app/authenticators/connection/faraday_connection.rb b/app/authenticators/connection/faraday_connection.rb
new file mode 100644
index 0000000..cc7af2f
--- /dev/null
+++ b/app/authenticators/connection/faraday_connection.rb
@@ -0,0 +1,23 @@
+class Connection::FaradayConnection
+ BASE_ANDELA_URL = ENV['BASE_ANDELA_URL'] # use env variable to set the url
+
+ def self.connection(token)
+ options = {
+ headers: {
+ "Authorization" => "Bearer #{token}",
+ "Accept" => 'application/json; charset=utf-8',
+ },
+ ssl: {
+ verify: false
+ }
+ }
+
+ ::Faraday::Connection.new(BASE_ANDELA_URL, options) do |conn|
+ conn.use ::Faraday::Request::Multipart
+ conn.use ::Faraday::Request::UrlEncoded
+ conn.use FaradayMiddleware::FollowRedirects
+ conn.response :logger, Rails.logger
+ conn.adapter ::Faraday.default_adapter
+ end
+ end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 27f03bd..2218f18 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
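Review bot: In app/authenticators/authenticator.rb, `authenticated?` calls `AndelaAuthV2.authenticate(token)` before it checks `strategy == 'Bearer'`, so a header with any other scheme, or with a scheme and no token (`token` is nil and goes out as an empty bearer value), still costs an outbound request to the auth server. Check the scheme and the token first, `return false unless strategy == 'Bearer' && token.present?`, and only then call the auth server. With that guard in place the nested `if/else` and the explicit `return false` branches collapse into two guard clauses followed by `@user = auth.current_user`.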
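Review bot: In app/authenticators/connection/faraday_connection.rb, `ssl: { verify: false }` switches off certificate verification on the very connection that carries the user's bearer token and returns the identity the app then trusts, so the app cannot tell the real auth server from anything else answering at that address; remove the option (or set `verify: true`) and fix the trust store where an environment needs it. `conn.response :logger, Rails.logger` needs a second look as well: Faraday's logger middleware dumps request headers, at debug level as far as I know, which would write every `Authorization` value into the Rails log. `FaradayMiddleware::FollowRedirects` may resend that header to whatever host a redirect names, so confirm how the locked faraday_middleware (0.10.0 in Gemfile.lock) handles cross-host redirects. `BASE_ANDELA_URL` is nil when the variable is unset, and the connection sets no open or read timeout, so a slow auth server stalls every request.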
@@ -3,51 +3,31 @@ class ApplicationController < ActionController::API attr_reader :current_user helper_method :current_user - before_action :authenticate_user, except: [:login, :logout] - - def resource_not_found - not_found = "The resource you tried to access was not found" - render json: {errors: not_found}, status: 404 - end + before_action :authenticate_user def invalid_request(message = error_msg, status = 400) render json: {errors: message}, status: status end - def login - user = authenticate_cookie - @current_user = User.from_andela_auth(user) if user && !user['isGuest'] - return unauthorized_token unless @current_user - - @token = TokenManager.generate_token(@current_user.id) - end - - def logout - cookie = request.headers['HTTP_ANDELA_COOKIE'] - return invalid_request("Cookie must be provided") unless cookie - CookieHandler.logout_cookie(cookie) - render json: {message: 'logged out'}, status: 200 - end - private - def authenticate_user - (authenticate_token && authenticate_cookie) || unauthorized_token - # authenticate_cookie || unauthorized_token - end - - def authenticate_token - authenticate_with_http_token do |auth_token, _| - user_id = TokenManager.authenticate(auth_token)['user'] - @token = TokenManager.generate_token(user_id) if user_id - end - end - - def authenticate_cookie - cookie = request.headers['HTTP_ANDELA_COOKIE'] - return unless cookie - user = CookieHandler.validate_with_cookie(cookie) - @current_user = User.find_by(email: user['email']) if user - user + def authenticate_user + auth = Authenticator.new(request) + if auth.authenticated? 
+ create_or_update_user(auth.user) + else + unauthorized_token + end + end + + def create_or_update_user(user) + @current_user = User.find_or_create_by(email: user['email']) + # we always want to ensure these attrs are in sync with the auth system + @current_user.update_attributes( + name: user['name'], + image: user['picture'], + active: (user['status'] == 'active') + ) + @current_user end def unauthorized_token @@ -55,6 +35,11 @@ def unauthorized_token render json: {errors: "Request was made with invalid token"}, status: 401 end + def resource_not_found + not_found = "The resource you tried to access was not found" + render json: {errors: not_found}, status: 404 + end + def error_msg "The operation could not be performed."\ " Please check your request or try again later" diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 724d5e3..007c76e 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -2,7 +2,6 @@ class UsersController < ApplicationController before_action :set_user, only: [:update, :questions, :tags] before_action :set_user_with_activities, only: [:activities] before_action :set_user_with_associations_and_statistics, only: [:show] - skip_before_action :authenticate_user, only: [:login, :authenticate] def index users = User.paginate(page: params[:page]) diff --git a/app/views/application/login.json.jbuilder b/app/views/application/login.json.jbuilder index 4250249..e250dfb 100644 --- a/app/views/application/login.json.jbuilder +++ b/app/views/application/login.json.jbuilder @@ -1,6 +1,5 @@ json.partial! "users/user", user: @current_user json.partial! 'tags/tag', tags: @current_user.tags -json.api_key @token # json.user { json.partial! 'users/user', user: @current_user } # json.api_key @token diff --git a/config/routes.rb b/config/routes.rb index 0f3a638..27fab1a 100644 --- a/config/routes.rb +++ b/config/routes.rb 
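Review bot: In app/controllers/application_controller.rb, `create_or_update_user` uses the auth server's body without validating it: when `user['email']` is missing, `find_or_create_by(email: nil)` finds or creates a shared nil-email record that becomes `@current_user`, and the return values of `find_or_create_by` and `update_attributes` are ignored, so a failed save still leaves the request authenticated. The removed login path skipped users with `isGuest` set, while the new path provisions whoever the auth server returns, so confirm that guest accounts are meant to get a local user. Add a guard such as `return unauthorized_token if user['email'].blank?` and use `update_attributes!` or check the result. Separately, config/routes.rb still maps `get "logout"` to `application#logout`, an action this hunk deletes.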
@@ -50,7 +50,6 @@ end end - post "login" => "application#login" get "logout" => "application#logout" mount Sidekiq::Web => '/sidekiq' diff --git a/spec/controllers/votes_controller_spec.rb b/spec/controllers/votes_controller_spec.rb index 3ce3c7b..3549e06 100644 --- a/spec/controllers/votes_controller_spec.rb +++ b/spec/controllers/votes_controller_spec.rb 
@@ -9,65 +9,7 @@ create_list(:answer, 5, user: user2) end - context "when user votes another user's resource" do - before do - request.headers['Authorization'] = "Token token=#{valid_user_token(user2)}" - end - - it "upvotes another user's resource" do - # post :upvote, {resource_name: 'questions', resource_id: 1} - # expect(response.body).to eq "{\"response\":1}" - # expect(response.status).to eq 200 - end - - it "downvotes another user's resource " do - # post :downvote, {resource_name: 'questions', resource_id: 1} - # expect(response.body).to eq "{\"response\":-1}" - # expect(response.status).to eq 200 - end - end - - context "when user votes own resource" do - before do - request.headers['Authorization'] = "Token token=#{valid_user_token(user2)}" - end - - it "doesnt downvote resource" do - # post :downvote, {resource_name: 'answers', resource_id: 1} - # expect(response.body).to include "You can't vote for your post" - # expect(response.status).to eq 403 - end - - it "doesnt upvote resource" do - # post :upvote, {resource_name: 'answers', resource_id: 1} - # expect(response.body).to include "You can't vote for your post" - # expect(response.status).to eq 403 - end - end - - context "when user cannot vote on resource" do - before do - request.headers['Authorization'] = "Token token=#{valid_user_token(user3)}" - end - - it "doesnt upvotes another user's resource" do - # post :upvote, {resource_name: 'questions', resource_id: 1} - # expect(response.body).to include "Not qualified to vote" - # expect(response.status).to eq 403 - end - - it "doesnt downvote another user's resource" do - # post :downvote, {resource_name: 'answers', resource_id: 1} - # expect(response.body).to include "Not qualified to vote" - # expect(response.status).to eq 403 - end - end - - context "when user tries to vote with invalid token" do - before do - request.headers['Authorization'] = "Token token=badtoken" - end - + context "when user tries to vote with invalid token", invalid_request: 
true do it "rejects invalid token for upvote" do post :upvote, {resource_name: 'questions', resource_id: 1} expect(response.body).to include "invalid token" diff --git a/spec/requests/answers/accepting_answer_spec.rb b/spec/requests/answers/accepting_answer_spec.rb index 5db0757..6d25178 100644 --- a/spec/requests/answers/accepting_answer_spec.rb +++ b/spec/requests/answers/accepting_answer_spec.rb @@ -6,8 +6,6 @@ let(:answer) { create(:answer, question: question, user: user2) } let(:path) { accept_question_answer_path(question, answer) } - it_behaves_like "authenticated endpoint", :accept_question_answer_path, 'post', true - describe "validates that question belongs to user" do let(:question) { create(:question_with_answers, user: user2) } it "returns unauthorized_access if question doesn't belong to user" do diff --git a/spec/requests/answers/answer_request_helper.rb b/spec/requests/answers/answer_request_helper.rb index 148fa4e..b8bcea4 100644 --- a/spec/requests/answers/answer_request_helper.rb +++ b/spec/requests/answers/answer_request_helper.rb @@ -1,5 +1,4 @@ require "rails_helper" -require "requests/shared/shared_authenticated_endpoint" def path_helper(path, answer=false) question = FactoryGirl.create(:question_with_answers) diff --git a/spec/requests/answers/creating_answer_spec.rb b/spec/requests/answers/creating_answer_spec.rb index 4f3d9ce..9aff568 100644 --- a/spec/requests/answers/creating_answer_spec.rb +++ b/spec/requests/answers/creating_answer_spec.rb @@ -5,8 +5,6 @@ let(:user) { create(:active_user) } let(:path) { question_answers_path(question) } - it_behaves_like "authenticated endpoint", :question_answers_path, 'post' - describe "POST /questions/:question_id/answers"do describe "validates content" do it "doesn't save if content is empty" do diff --git a/spec/requests/answers/destroying_answer_spec.rb b/spec/requests/answers/destroying_answer_spec.rb index c34acc8..50d4e09 100644 --- a/spec/requests/answers/destroying_answer_spec.rb 
+++ b/spec/requests/answers/destroying_answer_spec.rb @@ -4,8 +4,6 @@ let(:answer) { create(:answer, user: valid_user) } let(:path) { question_answer_path(answer.question, answer) } - it_behaves_like "authenticated endpoint", :question_answer_path, 'delete', true - describe "DELETE /questions/:question_id/answers/:id" do describe "invalid answer id" do it "returns 404 if answer is not found" do diff --git a/spec/requests/answers/fetching_answer_spec.rb b/spec/requests/answers/fetching_answer_spec.rb index 1b9864b..9951d85 100644 --- a/spec/requests/answers/fetching_answer_spec.rb +++ b/spec/requests/answers/fetching_answer_spec.rb @@ -1,7 +1,6 @@ require_relative "answer_request_helper" RSpec.describe "Fetching an answer", type: :request do - it_behaves_like "authenticated endpoint", :question_answers_path, 'get' describe "GET /questions/:question_id/answers" do let(:question) { create(:question_with_answers, answers_count: 5) } diff --git a/spec/requests/answers/updating_answer_spec.rb b/spec/requests/answers/updating_answer_spec.rb index df97f47..1195849 100644 --- a/spec/requests/answers/updating_answer_spec.rb +++ b/spec/requests/answers/updating_answer_spec.rb @@ -4,8 +4,6 @@ let(:answer) { create(:answer, user: valid_user) } let(:path) { question_answer_path(answer.question, answer) } - it_behaves_like "authenticated endpoint", :question_answer_path, 'patch', true - describe "PATCH /questions/:question_id/answers/:id" do context "validates content" do let(:new_answer){ attributes_for(:answer).merge(format: :json) } diff --git a/spec/requests/questions/create_question_endpoint_spec.rb b/spec/requests/questions/create_question_endpoint_spec.rb index 4f59f70..014a3d4 100644 --- a/spec/requests/questions/create_question_endpoint_spec.rb +++ b/spec/requests/questions/create_question_endpoint_spec.rb 
@@ -5,8 +5,6 @@ describe "POST /questions" do let(:path) { questions_path } - it_behaves_like "question authenticated endpoint", :questions_path, :post - context "with valid athorization header" do before(:each) { post path, question_params, authorization_header } diff --git a/spec/requests/questions/delete_question_endpoint_spec.rb b/spec/requests/questions/delete_question_endpoint_spec.rb index f7f2f9e..20b6cfa 100644 --- a/spec/requests/questions/delete_question_endpoint_spec.rb +++ b/spec/requests/questions/delete_question_endpoint_spec.rb @@ -6,8 +6,6 @@ let(:question) { create(:question, user: valid_user) } let(:path) { question_path(question) } - it_behaves_like "question authenticated endpoint", :questions_path, :delete, true - context "with valid athorization header" do before(:each) { delete path, { format: :json }, authorization_header } diff --git a/spec/requests/questions/fetch_questions_index_spec.rb b/spec/requests/questions/fetch_questions_index_spec.rb index 949e26f..a7d1b8b 100644 --- a/spec/requests/questions/fetch_questions_index_spec.rb +++ b/spec/requests/questions/fetch_questions_index_spec.rb @@ -8,8 +8,6 @@ # NOTE the index is used here to fetch the route to be tested let(:path) { [questions_path, all_questions_path ][index] } - it_behaves_like "question authenticated endpoint", :questions_path, :get - context "with valid authorization header" do context "when there are fewer than 25 questions" do let(:question_count) { 10 } diff --git a/spec/requests/questions/question_request_helper.rb b/spec/requests/questions/question_request_helper.rb index 764d9c6..fa510a4 100644 --- a/spec/requests/questions/question_request_helper.rb +++ b/spec/requests/questions/question_request_helper.rb @@ -1,4 +1,3 @@ -require_relative "shared_authenticated_endpoint" def question_path_helper(path, show=false) question = create(:question) 
diff --git a/spec/requests/questions/search_questions_spec.rb b/spec/requests/questions/search_questions_spec.rb index ff9d7d9..80de73a 100644 --- a/spec/requests/questions/search_questions_spec.rb +++ b/spec/requests/questions/search_questions_spec.rb @@ -11,8 +11,6 @@ let(:path) { search_questions_path } - it_behaves_like "question authenticated endpoint", :search_questions_path, :get - context "with valid authorization header" do before(:each) do create_list(:question, 15) diff --git a/spec/requests/questions/shared_authenticated_endpoint.rb b/spec/requests/questions/shared_authenticated_endpoint.rb deleted file mode 100644 index 145cf07..0000000 --- a/spec/requests/questions/shared_authenticated_endpoint.rb +++ /dev/null @@ -1,26 +0,0 @@ -RSpec.shared_examples "question authenticated endpoint" do |endpoint, verb, show| - before(:each) do - path = question_path_helper(endpoint, show) - send(verb, path, { format: :json }, token) - end - - context "with valid token" do - let(:token) { authorization_header } - - describe "response status" do - it { expect(response.status).not_to be 401 } - end - end - - context "with invalid token" do - let(:token) { authorization_header("") } - - describe "response status" do - it { expect(response.status).to be 401 } - end - - describe "response schema" do - it { expect(response).to match_response_schema("error/invalid_token") } - end - end -end diff --git a/spec/requests/questions/show_question_endpoint_spec.rb b/spec/requests/questions/show_question_endpoint_spec.rb index 1269e93..c3bb17e 100644 --- a/spec/requests/questions/show_question_endpoint_spec.rb +++ b/spec/requests/questions/show_question_endpoint_spec.rb @@ -6,8 +6,6 @@ let(:question) { create(:question) } let(:path) { question_path(question) } - it_behaves_like "question authenticated endpoint", :question_path, :get, true - context "with valid authorization header" do before(:each) { get path, { format: :json }, authorization_header } 
diff --git a/spec/requests/questions/top_questions_spec.rb b/spec/requests/questions/top_questions_spec.rb index 44a4143..ab54096 100644 --- a/spec/requests/questions/top_questions_spec.rb +++ b/spec/requests/questions/top_questions_spec.rb @@ -5,8 +5,6 @@ describe "GET /top_questions" do let(:path) { top_questions_path } - it_behaves_like "question authenticated endpoint", :top_questions_path, :get - context "with valid authorization header" do before(:each) do create_list(:question, 15) do |question| diff --git a/spec/requests/questions/update_question_endpoint_spec.rb b/spec/requests/questions/update_question_endpoint_spec.rb index a65d11f..9302b9a 100644 --- a/spec/requests/questions/update_question_endpoint_spec.rb +++ b/spec/requests/questions/update_question_endpoint_spec.rb @@ -6,8 +6,6 @@ let(:question) { create(:question, user: valid_user) } let(:path) { question_path(question) } - it_behaves_like "question authenticated endpoint", :questions_path, :put, true - context "with valid athorization header" do before(:each) { put path, question_params, authorization_header } diff --git a/spec/requests/shared/shared_authenticated_endpoint.rb b/spec/requests/shared/shared_authenticated_endpoint.rb deleted file mode 100644 index 0502e25..0000000 --- a/spec/requests/shared/shared_authenticated_endpoint.rb +++ /dev/null 
@@ -1,48 +0,0 @@
-RSpec.shared_examples "authenticated endpoint" do |endpoint, verb, include_answer|
- before(:each) do
- # 🙈 = Dummy.create_with_methods({body: "{\"email\": \"#{valid_user.email}\"}"})
-
- # allow_any_instance_of(Faraday::Connection).to receive(:get).and_return(🙈)
-
- path = path_helper(endpoint, include_answer)
- send(verb, path, { format: :json }, header)
- end
-
- context "with valid token and cookie" do
- let(:header) { authorization_token.merge(cookie_header) }
-
- describe "response status" do
- it { expect(response.status).not_to be 401 }
- end
- end
-
- context "with invalid token and valid cookie" do
- let(:header) { authorization_token("").merge(cookie_header) }
-
- describe "response status" do
- it { expect(response.status).to be 401 }
- end
-
- describe "response schema" do
- it { expect(response).to match_response_schema("error/invalid_token") }
- end
- end
-
- context "with valid token and no cookie" do
- let(:header) { authorization_token }
-
- describe "response status" do
- it { expect(response.status).to be 401 }
- end
-
- describe "response schema" do
- it { expect(response).to match_response_schema("error/invalid_token") }
- end
- end
-
- context "with valid cookie and no token" do
- let(:header) { cookie_header }
-
- it { expect(response.status).to be 401}
- end
-end
diff --git a/spec/support/andela_auth_mock.rb b/spec/support/andela_auth_mock.rb
new file mode 100644
index 0000000..bd30483
--- /dev/null
+++ b/spec/support/andela_auth_mock.rb
@@ -0,0 +1,65 @@
+module AndelaAuthMock
+ extend ActiveSupport::Concern
+
+ require 'webmock/rspec'
+ WebMock.disable_net_connect!(allow_localhost: true)
+
+ included do
+ before(:each) do
+ stub_authorized_user_auth
+ stub_unauthorized_user_auth
+ end
+ end
+
+ def auth_server
+ Connection::FaradayConnection::BASE_ANDELA_URL + "/api/v1/users/me"
+ end
+
+ def stub_authorized_user_auth
+ stub_request(:get, auth_server).with(headers: authorization_header).
+ to_return(body: Notifications::UserSerializer.new(valid_user, root: false).to_json)
+ end
+
+ def stub_unauthorized_user_auth
+ stub_request(:get, auth_server).with(headers: unauthorized_token).
+ to_return(status: 401, body: {error: true}.to_json)
+ end
+
+ def authorization_header
+ { Authorization: "Bearer samplebearertokencanbefoundhere" }
+ end
+
+ def unauthorized_token
+ { Authorization: "Bearer whatever"}
+ end
+
+ def valid_user
+ @valid_user ||= create(:user)
+ end
+
+ module AuthControllerHelper
+ extend ActiveSupport::Concern
+
+ RSpec.configure do |config|
+ config.include self
+ end
+
+ included do
+ before(:each, valid_request: true, type: :controller) do
+ request.headers["Authorization"] = "Bearer samplebearertokencanbefoundhere"
+ end
+
+ before(:each, invalid_request: true, type: :controller) do
+ request.headers["Authorization"] = "Bearer whatever"
+ end
+
+ end
+
+
+ end
+
+ RSpec.configure do |config|
+ config.include self, type: :request
+ config.include self, type: :controller
+ end
+end
\ No newline at end of file
diff --git a/spec/support/request_authentication_helper.rb b/spec/support/request_authentication_helper.rb
deleted file mode 100644
index a435591..0000000
--- a/spec/support/request_authentication_helper.rb
+++ /dev/null
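Review bot: In spec/support/andela_auth_mock.rb, `auth_server` builds its URL with `Connection::FaradayConnection::BASE_ANDELA_URL + "/api/v1/users/me"`, and that constant is nil whenever `BASE_ANDELA_URL` is unset in the test environment, so every spec would fail with a NoMethodError before reaching an assertion; give the test environment a constructed default or read it with `ENV.fetch`. The stubs cover one accepted and one rejected token against replies that are always valid JSON, while the commit deletes the shared "authenticated endpoint" examples, so nothing now asserts a 401 for a missing header, a non-Bearer scheme, or a non-JSON auth reply. The `config.include self` inside `AuthControllerHelper` mixes that module into every example group; `config.include self, type: :controller` would match the hooks it defines.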
@@ -1,35 +0,0 @@
-module RequestAuthenticationHelper
- extend ActiveSupport::Concern
- included do
- before(:each) do
- 🙈 = Dummy.create_with_methods({body: "{\"email\": \"#{valid_user.email}\"}"})
- allow_any_instance_of(Faraday::Connection).to receive(:get).and_return(🙈)
- end
- end
-
- def valid_user
- @valid_user ||= create(:user)
- end
-
- def valid_user_token(user = nil)
- (user || valid_user).refresh_token
- end
-
- def authorization_header(token = valid_user_token)
- authorization_token(token).merge(cookie_header)
- end
-
- def authorization_token(token = valid_user_token)
- { authorization: "Token token=#{token}" }
- end
-
- def cookie_header
- { HTTP_ANDELA_COOKIE: "valid cookie" }
- end
-end
-
-
-RSpec.configure do |config|
- config.include RequestAuthenticationHelper, type: :request
- config.include RequestAuthenticationHelper, type: :controller
-end
diff --git a/spec/support/valid_request_helper.rb b/spec/support/valid_request_helper.rb
deleted file mode 100644
index 57d7d38..0000000
--- a/spec/support/valid_request_helper.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-module ValidRequest
- def valid_user
- @valid_user ||= create(:user)
- end
-
- extend ActiveSupport::Concern
- included do
- before(:each, valid_request: true) do
- request.headers['Authorization'] = "Token token=#{valid_user.refresh_token}"
- request.headers['HTTP_ANDELA_COOKIE'] = "a.valid.cookie"
- end
- end
-end
-
-RSpec.configure do |config|
- config.include ValidRequest, type: :controller
-end