From bc8fc2d4e4bcf3512da06e8d7cf534cd86f273c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Thu, 29 Sep 2011 11:35:18 +0200 Subject: [PATCH] Allow idempotent API requests, closes #1309. --- lib/devise/controllers/internal_helpers.rb | 1 + test/integration/authenticatable_test.rb | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/lib/devise/controllers/internal_helpers.rb b/lib/devise/controllers/internal_helpers.rb index 805a3c5c..70bffb53 100644 --- a/lib/devise/controllers/internal_helpers.rb +++ b/lib/devise/controllers/internal_helpers.rb @@ -91,6 +91,7 @@ MESSAGE # Example: # before_filter :require_no_authentication, :only => :new def require_no_authentication + return unless is_navigational_format? no_input = devise_mapping.no_input_strategies args = no_input.dup.push :scope => resource_name if no_input.present? && warden.authenticate?(*args) diff --git a/test/integration/authenticatable_test.rb b/test/integration/authenticatable_test.rb index 8abc6d5f..b50bb48c 100644 --- a/test/integration/authenticatable_test.rb +++ b/test/integration/authenticatable_test.rb @@ -439,6 +439,22 @@ class AuthenticationOthersTest < ActionController::IntegrationTest assert response.body.include? %(\n) end + test 'sign in with xml format is idempotent' do + get new_user_session_path(:format => 'xml') + assert_response :success + + create_user + post user_session_path(:format => 'xml'), :user => {:email => "user@test.com", :password => '123456'} + assert_response :success + + get new_user_session_path(:format => 'xml') + assert_response :success + + post user_session_path(:format => 'xml'), :user => {:email => "user@test.com", :password => '123456'} + assert_response :success + assert response.body.include? %(\n) + end + test 'sign out with xml format returns ok response' do sign_in_as_user get destroy_user_session_path(:format => 'xml')