Rails / Rspec使用http基本身份验证进行测试

时间:2010-09-22 11:25:41

标签: ruby-on-rails rspec http-authentication

这是我在应用程序控制器文件(application_controller.rb)中的http基本身份验证

before_filter :authenticate

protected

def authenticate
  authenticate_or_request_with_http_basic do |username, password|
    username == "username" && password == "password"  
  end
end

和我的家庭控制器的索引操作的默认测试(spec / controllers / home_controller_spec.rb)

require 'spec_helper'

describe HomeController do

describe "GET 'index'" do
  it "should be successful" do
    get 'index'
    response.should be_success
  end
end

由于身份验证方法,测试无法运行。我可以评论“before_filter:authenticate”来运行它们,但我想知道是否有办法让它们使用该方法。

谢谢!

6 个答案:

答案 0 :(得分:131)

更新(2013):Matt Connolly提供了一个GIST,它也适用于请求和控制器规范:http://gist.github.com/4158961

如果您要运行许多测试并且不希望每次都包含它(DRYer代码),则执行此操作的另一种方法是:

创建/spec/support/auth_helper.rb文件: 

module AuthHelper
  def http_login
    user = 'username'
    pw = 'password'
    request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(user,pw)
  end  
end

在您的测试规范文件中: 

describe HomeController do
  render_views

  # login to http basic auth
  include AuthHelper
  before(:each) do
    http_login
  end

  describe "GET 'index'" do
    it "should be successful" do
      get 'index'
      response.should be_success
    end
  end

end

信用here

答案 1 :(得分:17)

对不起,我没有找到足够的,解决方案似乎如下:

describe "GET 'index'" do
  it "should be successful" do
    @request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("username:password")
    get 'index'
    response.should be_success
  end
end

答案 2 :(得分:5)

有些答案建议设置request.env这是不安全的,因为请求可以是nil,最终会得到private method env' called for nil:NilClass,尤其是在使用rspec -e <进行单项测试时/ p>

正确的方法是:

def http_login
  user = 'user'
  password = 'passw'
  {
    HTTP_AUTHORIZATION: ActionController::HttpAuthentication::Basic.encode_credentials(user,password)
  }
end

get 'index', nil, http_login

post 'index', {data: 'post-data'}, http_login

答案 3 :(得分:4)

使用Rspec测试Grape API时,以下语法有效

        post :create, {:entry => valid_attributes}, valid_session

其中valid_session是

{'HTTP_AUTHORIZATION' => credentials}


credentials = ActionController::HttpAuthentication::Token.encode_credentials("test_access1")

答案 4 :(得分:0)

我的解决方案:

stub_request(method, url).with(
  headers: { 'Authorization' => /Basic */ }
).to_return(
  status: status, body: 'stubbed response', headers: {}
)

使用 gem webmock

您可以通过更改来加强验证:

/Basic */ -> "Basic #{Base64.strict_encode64([user,pass].join(':')).chomp}"

URL-可以是正则表达式

答案 5 :(得分:0)

对我来说,使用 Rails 6,我需要 rspec get 方法的关键字参数,例如 .. get route, params: params, headers: headers

Auth Helper 方法

module AuthHelper
  def headers(options = {})
    user = ENV['BASIC_AUTH_USER']
    pw = ENV['BASIC_AUTH_PASSWORD']

    { HTTP_AUTHORIZATION: ActionController::HttpAuthentication::Basic.encode_credentials(user,pw) }
  end
  def auth_get(route, params = {})
    get route, params: params, headers: headers
  end
end

rspec 请求测试。

describe HomeController, type: :request do    
  include AuthHelper

  describe "GET 'index'" do
    it "should be successful" do
      auth_get 'index'
      expect(response).to be_successful
    end
  end

end
相关问题
最新问题