api keys: allow users to have multiple API keys.

This is useful if you have multiple programs and want to give them different API keys, or if you want to rotate keys for a single program.
2021-02-14 04:06:39 -06:00
parent 37061f95a6
commit a6707fbfa2
7 changed files with 29 additions and 9 deletions
--- a/test/functional/application_controller_test.rb
+++ b/test/functional/application_controller_test.rb
@@ -55,6 +55,13 @@ class ApplicationControllerTest < ActionDispatch::IntegrationTest
          assert_response :success
        end

+        should "succeed when the user has multiple api keys" do
+          @api_key2 = create(:api_key, user: @user)
+          basic_auth_string = "Basic #{::Base64.encode64("#{@user.name}:#{@api_key2.key}")}"
+          get edit_user_path(@user), headers: { HTTP_AUTHORIZATION: basic_auth_string }
+          assert_response :success
+        end
+
        should "fail for api key mismatches" do
          basic_auth_string = "Basic #{::Base64.encode64("#{@user.name}:badpassword")}"
          get profile_path, as: :json, headers: { HTTP_AUTHORIZATION: basic_auth_string }
@@ -76,6 +83,12 @@ class ApplicationControllerTest < ActionDispatch::IntegrationTest
          assert_response :success
        end

+        should "succeed when the user has multiple api keys" do
+          @api_key2 = create(:api_key, user: @user)
+          get edit_user_path(@user), params: { login: @user.name, api_key: @api_key2.key }
+          assert_response :success
+        end
+
        should "fail for api key mismatches" do
          get profile_path, as: :json, params: { login: @user.name }
          assert_response 401