Merge pull request #4971 from freedomofpress/api-journo-names

api: add journalist first name, last name to token response
freedomofpress · Nov 8, 2019 · 4046dd3 · 4046dd3
2 parents 39fbc68 + cee9311
commit 4046dd3
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 1 deletion.
diff --git a/docs/development/journalist_api.rst b/docs/development/journalist_api.rst
@@ -45,7 +45,9 @@ This will produce a response with your Authorization token:
   {
       "expiration": "2018-07-10T04:29:41.696321Z",
       "token": "eyJhbGciOiJIUzI1NiIsImV4cCI6MTUzMTE5Njk4MSwiaWF0IjoxNTMxMTY4MTgxfQ.eyJpZCI6MX0.TBSvfrICMxtvWgpVZzqTl6wHYNQuGPOaZpuAKwwIXXo",
-      "journalist_uuid": "54d81dae-9d94-4145-8a57-4c804a04cfe0"
+      "journalist_uuid": "54d81dae-9d94-4145-8a57-4c804a04cfe0",
+      "journalist_first_name": "daniel",
+      "journalist_last_name": "ellsberg"
   }
 
 Thereafter in order to authenticate to protected endpoints, send the token in

diff --git a/securedrop/journalist_app/api.py b/securedrop/journalist_app/api.py
@@ -118,6 +118,8 @@ def get_token():
                 'token': journalist.generate_api_token(expiration=TOKEN_EXPIRATION_MINS * 60),
                 'expiration': token_expiry.isoformat() + 'Z',
                 'journalist_uuid': journalist.uuid,
+                'journalist_first_name': journalist.first_name,
+                'journalist_last_name': journalist.last_name,
             })
 
             # Update access metadata

diff --git a/securedrop/tests/test_journalist_api.py b/securedrop/tests/test_journalist_api.py
@@ -45,6 +45,8 @@ def test_valid_user_can_get_an_api_token(journalist_app, test_journo):
         assert isinstance(Journalist.validate_api_token_and_get_user(
             response.json['token']), Journalist) is True
         assert response.status_code == 200
+        assert response.json['journalist_first_name'] == test_journo['first_name']
+        assert response.json['journalist_last_name'] == test_journo['last_name']
 
 
 def test_user_cannot_get_an_api_token_with_wrong_password(journalist_app,