When making request on a base controller, verify token instead of session

Virtuatable / virtuatable-core

The model layer gem for the jdr tools suite

0 stars 0 forks source link

When making request on a base controller, verify token instead of session #69

Closed vincentcourtois closed 2 years ago

vincentcourtois commented 2 years ago

Context

In the previous versions of the Virtuatable Core, we checked the session of the user when getting query on the API
We've currently implemented an OAuth system fully working

Needs

As an API user
I want to be able to authenticate on the API using my OAuth token
So that I can show that I have the permission of the user to manage its data

Notes

Check the existence and the validity of the tokens

vincentcourtois commented 2 years ago

Modify the declarators helper to check token instead of session
Replace the Session helper to make a Token helper checking the correct parameter
Change the way the account is inferred in the Accounts helper
Create an OAuth token factory and use it in the tests
Fix the tests of the base controller and the other controllers to work correctly