37061f95a6
* Add an explanation of what an API key is and how to use it. * Make it possible for the site owner to view all API keys. * Remove the requirement to re-enter your password before you can view your API key (to be reworked). * Move the API key controller from maintenance/user/api_keys_controller.rb to a top level controller.
33 lines
894 B
Ruby
33 lines
894 B
Ruby
require 'test_helper'
|
|
|
|
class ApiKeyTest < ActiveSupport::TestCase
|
|
context "in all cases a user" do
|
|
setup do
|
|
@user = create(:user)
|
|
@api_key = create(:api_key, user: @user)
|
|
end
|
|
|
|
should "generate a unique key" do
|
|
assert_not_nil(@api_key.key)
|
|
end
|
|
|
|
should "authenticate via api key" do
|
|
assert_equal(@user, @user.authenticate_api_key(@api_key.key))
|
|
end
|
|
|
|
should "not authenticate with the wrong api key" do
|
|
assert_equal(false, @user.authenticate_api_key("xxx"))
|
|
end
|
|
|
|
should "not authenticate with the wrong name" do
|
|
assert_equal(false, create(:user).authenticate_api_key(@api_key.key))
|
|
end
|
|
|
|
should "have the same limits whether or not they have an api key" do
|
|
assert_no_difference(["@user.reload.api_regen_multiplier", "@user.reload.api_burst_limit"]) do
|
|
@user.api_key.destroy
|
|
end
|
|
end
|
|
end
|
|
end
|