We Eatt

• My Recipes
• Friends
• Lists
• Cookbook
• Recipes
• Log In

API Documentation

• Overall Design
• Authentication
• New User Accounts
• Recipe Search
• Recipe Detail

Api Authentication

Feature: /api/v1/login

	As an API User
	I want to login
	So that I can retrieve my auth_token
	And make further requests

	Background:
		Given I have a We Eatt account with login: "chefczar", email: "chefczar@weeatt.com", password: "supersecret"
		And my "Accept" header is set to "application/json"
		And my "Content-Type" header is set to "application/json"
		And my application api-key is set in the "x-api-key" header

	Scenario: Login with correct login and password
		Given my application api-key is set in the "x-api-key" header
		When I post the following JSON to "/api/v1/chefs/sign_in":
		"""
		{
				"chef_login": {
						"login": "chefczar",
						"password": "supersecret"
				}
		}
		"""
		Then the response status should be "200"
		And the response should be the JSON:
		"""
		{
				"success": true,
				"login": "chefczar",
				"email": "chefczar@weeatt.com",
				"auth_token": "eIe0dXH0tioKVVK4MUBV"
		}
		"""

	Scenario: Login incorrectly
		When I post the following JSON to "/api/v1/chefs/sign_in":
		"""
		{
				"chef_login":{
					"login": "chefczar",
					"password": "wrongsecret"
				}
		}
		"""
		Then the response status should be "401"
	
	Scenario: I do not send an api-key
		Given my api-key is blank or missing
		When I post the following JSON to "/api/v1/chefs/sign_in":
		"""
		{
				"chef_login": {
						"login": "chefczar",
						"password": "supersecret"
				}
		}
		"""
		Then the response status should be "403"