IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FIX: Do not allow revoking the token of current session. (#6472)

Browse Source 
* FIX: Do not allow revoking the token of current session.

* DEV: Add getter of current auth_token from Guardian.
This commit is contained in:
Bianca Nenciu
2018-10-12 02:40:48 +03:00
committed by Sam
parent e68ecf1f1d
commit 048cdfbcfa
5 changed files with 28 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/components/guardian_spec.rb
View File

@@ -2963,4 +2963,14 @@ describe Guardian do
end
end
end
describe '#auth_token' do
it 'returns the correct auth token' do
token = UserAuthToken.generate!(user_id: user.id)
env = Rack::MockRequest.env_for("/", "HTTP_COOKIE" => "_t=#{token.unhashed_auth_token};")
guardian = Guardian.new(user, Rack::Request.new(env))
expect(guardian.auth_token).to eq(token.auth_token)
end
end
end