diff options
| author | Rémy Coutable <remy@rymai.me> | 2016-11-10 09:54:23 +0000 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2016-11-10 09:54:23 +0000 |
| commit | e3dcd83d4a4b75dc050592ea008dc34ecbe0aa49 (patch) | |
| tree | d9f7b417dd386c2fa166661f5c3392c5f4908a5b | |
| parent | a29544f5fee8ba65fcfea0689b0c60b77d8784ab (diff) | |
| parent | 603ebe55f0232f16b5f1db95d2962a4cf5cdcc1b (diff) | |
| download | gitlab-ce-e3dcd83d4a4b75dc050592ea008dc34ecbe0aa49.tar.gz | |
Merge branch 'grapify-session-api' into 'master'
Grapify the session API
## What are the relevant issue numbers?
Related to #22928
See merge request !7381
| -rw-r--r-- | lib/api/session.rb | 19 | ||||
| -rw-r--r-- | spec/requests/api/session_spec.rb | 16 |
2 files changed, 18 insertions, 17 deletions
diff --git a/lib/api/session.rb b/lib/api/session.rb index 55ec66a6d67..d09400b81f5 100644 --- a/lib/api/session.rb +++ b/lib/api/session.rb @@ -1,15 +1,14 @@ module API - # Users API class Session < Grape::API - # Login to get token - # - # Parameters: - # login (*required) - user login - # email (*required) - user email - # password (required) - user password - # - # Example Request: - # POST /session + desc 'Login to get token' do + success Entities::UserLogin + end + params do + optional :login, type: String, desc: 'The username' + optional :email, type: String, desc: 'The email of the user' + requires :password, type: String, desc: 'The password of the user' + at_least_one_of :login, :email + end post "/session" do user = Gitlab::Auth.find_with_user_password(params[:email] || params[:login], params[:password]) diff --git a/spec/requests/api/session_spec.rb b/spec/requests/api/session_spec.rb index acad1365ace..e3f22b4c578 100644 --- a/spec/requests/api/session_spec.rb +++ b/spec/requests/api/session_spec.rb @@ -67,22 +67,24 @@ describe API::API, api: true do end context "when empty password" do - it "returns authentication error" do + it "returns authentication error with email" do post api("/session"), email: user.email - expect(response).to have_http_status(401) - expect(json_response['email']).to be_nil - expect(json_response['private_token']).to be_nil + expect(response).to have_http_status(400) + end + + it "returns authentication error with username" do + post api("/session"), email: user.username + + expect(response).to have_http_status(400) end end context "when empty name" do it "returns authentication error" do post api("/session"), password: user.password - expect(response).to have_http_status(401) - expect(json_response['email']).to be_nil - expect(json_response['private_token']).to be_nil + expect(response).to have_http_status(400) end end end |