Commit d12579aa43372bdaa5989eee95db9c10e89befe7
Exists in
master
and in
4 other branches
Merge branch 'api' of https://github.com/NARKOZ/gitlabhq into api
Showing
4 changed files
with
19 additions
and
10 deletions
Show diff stats
app/views/help/api.html.haml
| ... | ... | @@ -14,6 +14,8 @@ |
| 14 | 14 | %li |
| 15 | 15 | %a{href: "#users"} Users |
| 16 | 16 | %li |
| 17 | + %a{href: "#session"} Session | |
| 18 | + %li | |
| 17 | 19 | %a{href: "#issues"} Issues |
| 18 | 20 | %li |
| 19 | 21 | %a{href: "#milestones"} Milestones |
| ... | ... | @@ -58,6 +60,16 @@ |
| 58 | 60 | |
| 59 | 61 | %br |
| 60 | 62 | |
| 63 | +.file_holder#session | |
| 64 | + .file_title | |
| 65 | + %i.icon-file | |
| 66 | + Session | |
| 67 | + .file_content.wiki | |
| 68 | + = preserve do | |
| 69 | + = markdown File.read(Rails.root.join("doc", "api", "session.md")) | |
| 70 | + | |
| 71 | +%br | |
| 72 | + | |
| 61 | 73 | .file_holder#issues |
| 62 | 74 | .file_title |
| 63 | 75 | %i.icon-file | ... | ... |
lib/api/entities.rb
| ... | ... | @@ -9,8 +9,8 @@ module Gitlab |
| 9 | 9 | expose :id, :email, :name, :blocked, :created_at |
| 10 | 10 | end |
| 11 | 11 | |
| 12 | - class UserLogin < Grape::Entity | |
| 13 | - expose :id, :email, :name, :private_token, :blocked, :created_at | |
| 12 | + class UserLogin < UserBasic | |
| 13 | + expose :private_token | |
| 14 | 14 | end |
| 15 | 15 | |
| 16 | 16 | class Hook < Grape::Entity |
| ... | ... | @@ -56,9 +56,7 @@ module Gitlab |
| 56 | 56 | end |
| 57 | 57 | |
| 58 | 58 | class Key < Grape::Entity |
| 59 | - expose :id, | |
| 60 | - :title, | |
| 61 | - :key | |
| 59 | + expose :id, :title, :key | |
| 62 | 60 | end |
| 63 | 61 | end |
| 64 | 62 | end | ... | ... |
lib/api/session.rb
| ... | ... | @@ -8,14 +8,13 @@ module Gitlab |
| 8 | 8 | post "/session" do |
| 9 | 9 | resource = User.find_for_database_authentication(email: params[:email]) |
| 10 | 10 | |
| 11 | - return forbidden! unless resource | |
| 11 | + return unauthorized! unless resource | |
| 12 | 12 | |
| 13 | 13 | if resource.valid_password?(params[:password]) |
| 14 | 14 | present resource, with: Entities::UserLogin |
| 15 | 15 | else |
| 16 | - forbidden! | |
| 16 | + unauthorized! | |
| 17 | 17 | end |
| 18 | 18 | end |
| 19 | 19 | end |
| 20 | 20 | end |
| 21 | - | ... | ... |
spec/requests/api/session_spec.rb
| ... | ... | @@ -19,7 +19,7 @@ describe Gitlab::API do |
| 19 | 19 | context "when invalid password" do |
| 20 | 20 | it "should return authentication error" do |
| 21 | 21 | post api("/session"), email: user.email, password: '123' |
| 22 | - response.status.should == 403 | |
| 22 | + response.status.should == 401 | |
| 23 | 23 | |
| 24 | 24 | json_response['email'].should be_nil |
| 25 | 25 | json_response['private_token'].should be_nil |
| ... | ... | @@ -29,7 +29,7 @@ describe Gitlab::API do |
| 29 | 29 | context "when empty password" do |
| 30 | 30 | it "should return authentication error" do |
| 31 | 31 | post api("/session"), email: user.email |
| 32 | - response.status.should == 403 | |
| 32 | + response.status.should == 401 | |
| 33 | 33 | |
| 34 | 34 | json_response['email'].should be_nil |
| 35 | 35 | json_response['private_token'].should be_nil | ... | ... |