@pablobm commented on this pull request.
> + create(:user, :auth_provider => "facebook", :auth_uid => "12345")
+
+ payload = Base64.urlsafe_encode64(
+ JSON.generate(
+ :algorithm => "HMAC-SHA256",
+ :expires => Time.now.to_i + 3600,
+ :issued_at => Time.now.to_i,
+ :user_id => "12345"
+ )
+ )
+ signature = OpenSSL::HMAC.digest("SHA256", "invalid secret", payload)
+ encoded_signature = Base64.urlsafe_encode64(signature)
+ signed_request = [encoded_signature, payload].join(".")
+
+ post auth_delete_path(:provider => "facebook"), :params => {
:signed_request => signed_request }
+ assert_response :bad_request
Also worth checking that there were no changes to the user:
```suggestion
assert_response :bad_request
user.reload
assert_equal "facebook", user.auth_provider
assert_equal "12345", user.auth_uid
```
> @@ -233,9 +233,16 @@
get "/forgot-password.html", :to => redirect(:path =>
"/user/forgot-password")
# omniauth
- get "/auth/failure" => "users#auth_failure"
- match "/auth/:provider/callback" => "users#auth_success", :via => [:get,
:post], :as => :auth_success
- match "/auth/:provider" => "users#auth", :via => [:post, :patch], :as =>
:auth
+ scope "/auth", :as => :auth do
+ get "/failure" => "users#auth_failure"
+
+ scope ":provider" do
+ match "/callback" => "users#auth_success", :via => [:get, :post], :as =>
:success
+ match "" => "users#auth", :via => [:post, :patch]
+
+ resource :delete, :only => [:show, :create], :module => "accounts",
:controller => "auth_deletions"
In the spirit of resources as nouns, how about `:deletion`?
```suggestion
resource :deletion, :only => [:show, :create], :module => "accounts",
:controller => "auth_deletions"
```
Or alternatively in the plural:
```suggestion
resource :deletions, :only => [:show, :create], :module => "accounts",
:controller => "auth_deletions"
```
This second one might look a bit odd, mixing singular and plural, but arguably
gives us the most "pure" noun resource as the route does not refer to any one
specific deletion.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7093#pullrequestreview-4590387813
You are receiving this because you are subscribed to this thread.
Message ID:
<openstreetmap/openstreetmap-website/pull/7093/review/[email protected]>_______________________________________________
rails-dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/rails-dev