From 2b8f2af2dd8ef594c69bcbee80366ff80c902173 Mon Sep 17 00:00:00 2001 From: Lynn Hurley Date: Sat, 24 Oct 2015 21:04:04 -0500 Subject: [PATCH] prevent batching of requests by appending "unbatch=true" param to request url --- .../concerns/set_user_by_token.rb | 1 + test/controllers/demo_user_controller_test.rb | 25 +++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb index 546c76213..6dff274a4 100644 --- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb @@ -125,6 +125,7 @@ def resource_class(m=nil) def is_batch_request?(user, client_id) + not params[:unbatch] and user.tokens[client_id] and user.tokens[client_id]['updated_at'] and Time.parse(user.tokens[client_id]['updated_at']) > @request_started_at - DeviseTokenAuth.batch_request_buffer_throttle diff --git a/test/controllers/demo_user_controller_test.rb b/test/controllers/demo_user_controller_test.rb index df0ad7c9a..df3dde9af 100644 --- a/test/controllers/demo_user_controller_test.rb +++ b/test/controllers/demo_user_controller_test.rb @@ -201,6 +201,31 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest end end + describe 'unbatch' do + before do + @resource.reload + age_token(@resource, @client_id) + + get '/demo/members_only', {}, @auth_headers + + @first_is_batch_request = assigns(:is_batch_request) + @first_user = assigns(:resource).dup + @first_access_token = response.headers['access-token'] + @first_response_status = response.status + + get '/demo/members_only?unbatch=true', {}, @auth_headers + + @second_is_batch_request = assigns(:is_batch_request) + @second_user = assigns(:resource) + @second_access_token = response.headers['access-token'] + @second_response_status = response.status + end + + it 'should NOT treat the second request as a batch request when "unbatch" param is set' do + refute @second_is_batch_request + end + end + describe 'time out' do before do @resource.reload