add a /v1/uid endpoint

fixes #20
2014-05-16 14:47:22 -07:00 · 2014-05-16 14:47:22 -07:00 · f8eda1a594
--- a/lib/routes/uid.js
+++ b/lib/routes/uid.js
@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+module.exports = {
+  auth: {
+    strategy: 'oauth',
+    scope: ['profile', 'profile:uid']
+  },
+  handler: function email(req, reply) {
+    reply({
+      uid: req.auth.credentials.user
+    });
+  }
+};
+
+
--- a/lib/routing.js
+++ b/lib/routing.js
@ -18,5 +18,10 @@ module.exports = [
    method: 'POST',
    path: v('/email'),
    config: require('./routes/email')
+  },
+  {
+    method: 'POST',
+    path: v('/uid'),
+    config: require('./routes/uid')
  }
 ];
--- a/test/api.js
+++ b/test/api.js
@ -106,10 +106,10 @@ describe('/email', function() {
    });
  });

-  it('should NOT return a profile if wrong scope', function() {
+  it('should NOT return email if wrong scope', function() {
    mockToken().reply(200, JSON.stringify({
      user: USERID,
-      scope: ['foo', 'bar']
+      scope: ['profile:uid']
    }));
    return Server.api.post({
      url: '/email',
@ -122,3 +122,40 @@ describe('/email', function() {
  });
 });

+describe('/uid', function() {
+  var uid = token();
+  before(function() {
+    return db.createProfile({
+      uid: uid,
+      avatar: avatarUrl
+    });
+  });
+
+  it('should return an uid', function() {
+    mockToken().reply(200, TOKEN_GOOD);
+    return Server.api.post({
+      url: '/uid',
+      headers: {
+        authorization: 'Bearer ' + uid
+      }
+    }).then(function(res) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(JSON.parse(res.payload).uid, USERID);
+    });
+  });
+
+  it('should NOT return a profile if wrong scope', function() {
+    mockToken().reply(200, JSON.stringify({
+      user: USERID,
+      scope: ['profile:email']
+    }));
+    return Server.api.post({
+      url: '/uid',
+      headers: {
+        authorization: 'Bearer ' + uid
+      }
+    }).then(function(res) {
+      assert.equal(res.statusCode, 403);
+    });
+  });
+});