Skip to content
This repository has been archived by the owner on Mar 22, 2021. It is now read-only.

Commit

Permalink
Merge branch 'master' of github.com:nsarno/knock
Browse files Browse the repository at this point in the history
  • Loading branch information
nsarno committed Jul 23, 2015
2 parents de6489a + 948f821 commit e8b6357
Showing 1 changed file with 31 additions and 4 deletions.
35 changes: 31 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ You can now protect your resources by adding the `authenticate` before_action
to your controllers like this:

```ruby
class MyResourceController < ApplicationController
class MyResourcesController < ApplicationController
before_action :authenticate

def index
Expand Down Expand Up @@ -102,14 +102,41 @@ To make an authenticated request to your API, you need to pass the token in the

```
Authorization: Bearer TOKEN
GET /myresources
GET /my_resources
```

### CORS
### Authenticated tests

To authenticate within your tests:

1. Create a valid token
2. Pass it in your request

e.g.

```ruby
class MyResourcesControllerTest < ActionController::TestCase
def authenticate
token = Knock::AuthToken.new(payload: { sub: users(:one).id }).token
request.env['HTTP_AUTHORIZATION'] = "bearer #{token}"
end

setup do
authenticate
end

it 'responds successfully' do
get :index
assert_response :success
end
end
```

## CORS

To enable cross-origin resource sharing, check out the [rack-cors](https://github.com/cyu/rack-cors) gem.

### Related links
## Related links

- [10 things you should know about tokens](https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/)

Expand Down

0 comments on commit e8b6357

Please sign in to comment.