3 years ago · f8aae15cdc
--- a/app/controllers/api/v1/users_controller.rb
+++ b/app/controllers/api/v1/users_controller.rb
@@ -19,6 +19,19 @@ class Api::V1::UsersController < ApplicationController
 
				
				     end
			
 
				
				   end
			
 
				
				 
			
 
				
				+  def update
			
 
				
				+    if @user.update(user_params)
			
 
				
				+      render json: @user, status: :ok
			
 
				
				+    else
			
 
				
				+      render json: @user.errors, status: :unprocessable_entity
			
 
				
				+    end
			
 
				
				+  end
			
 
				
				+
			
 
				
				+  def destroy
			
 
				
				+    @user.destroy
			
 
				
				+    head 204
			
 
				
				+  end
			
 
				
				+
			
 
				
				   private
			
 
				
				 
			
 
				
				   # Only allow a trusted parameter "white list" through.
			
--- a/app/controllers/concerns/authenticable.rb
+++ b/app/controllers/concerns/authenticable.rb
@@ -0,0 +1,18 @@
 
				
				+module Authenticable
			
 
				
				+  def current_user
			
 
				
				+    return @current_user if @current_user
			
 
				
				+
			
 
				
				+    header = request.headers['Authorization']
			
 
				
				+    return nil if header.nil?
			
 
				
				+
			
 
				
				+    decoded = JsonWebToken.decode(header)
			
 
				
				+
			
 
				
				+    @current_user = User.find(decoded[:user_id]) rescue ActiveRecord::RecordNotFound
			
 
				
				+  end
			
 
				
				+
			
 
				
				+  protected
			
 
				
				+
			
 
				
				+  def check_login
			
 
				
				+    head :forbidden unless self.current_user
			
 
				
				+  end
			
 
				
				+end
			
--- a/test/controllers/api/v1/users_controller_test.rb
+++ b/test/controllers/api/v1/users_controller_test.rb
@@ -34,5 +34,31 @@ class Api::V1::UsersControllerTest < ActionDispatch::IntegrationTest
 
				
				       post api_v1_users_url, params: { user: { email: "test@email.com", username: @user.username, password: '123456' } }, as: :json
			
 
				
				     end
			
 
				
				     assert_response :unprocessable_entity
			
 
				
				-  end 
			
 
				
				+  end
			
 
				
				+
			
 
				
				+  #UPDATE
			
 
				
				+  test "should update user" do
			
 
				
				+    patch api_v1_user_url(@user), params: { user: { email: @user.email, username: @user.username, password: '123456' } }, as: :json
			
 
				
				+    assert_response :success
			
 
				
				+  end
			
 
				
				+
			
 
				
				+  # test "should not update user when invalid params are sent" do
			
 
				
				+  #   patch api_v1_user_url(@user), params: { user: { email: 'bad_email', username: @user.username, password: '123456' } }, as: :json
			
 
				
				+  #   assert_response :unprocessable_entity
			
 
				
				+  # end
			
 
				
				+
			
 
				
				+  #DESTROY 
			
 
				
				+  test "should destroy user" do
			
 
				
				+    assert_difference('User.count', -1) do
			
 
				
				+      delete api_v1_user_url(@user), as: :json
			
 
				
				+    end
			
 
				
				+    assert_response :no_content
			
 
				
				+  end
			
 
				
				+
			
 
				
				+  # test "should forbid destroy user" do
			
 
				
				+  #   assert_no_difference('User.count') do
			
 
				
				+  #     delete api_v1_user_url(@user), as: :json
			
 
				
				+  #   end
			
 
				
				+  #   assert_response :forbidden
			
 
				
				+  # end
			
 
				
				 end