From cee9311cbcb41cc1e1b62f2a55db6262498bcd22 Mon Sep 17 00:00:00 2001
From: redshiftzero
Date: Tue, 5 Nov 2019 18:44:39 -0500
Subject: [PATCH] api: add journalist first name, last name to token response

this is for https://github.com/freedomofpress/securedrop-client/issues/575
---
 docs/development/journalist_api.rst | 4 +++-
 securedrop/journalist_app/api.py | 2 ++
 securedrop/tests/test_journalist_api.py | 2 ++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/docs/development/journalist_api.rst b/docs/development/journalist_api.rst
index b055ead7f8..8f841479e7 100644
--- a/docs/development/journalist_api.rst
+++ b/docs/development/journalist_api.rst
@@ -45,7 +45,9 @@ This will produce a response with your Authorization token:
 {
 "expiration": "2018-07-10T04:29:41.696321Z",
 "token": "eyJhbGciOiJIUzI1NiIsImV4cCI6MTUzMTE5Njk4MSwiaWF0IjoxNTMxMTY4MTgxfQ.eyJpZCI6MX0.TBSvfrICMxtvWgpVZzqTl6wHYNQuGPOaZpuAKwwIXXo",
- "journalist_uuid": "54d81dae-9d94-4145-8a57-4c804a04cfe0"
+ "journalist_uuid": "54d81dae-9d94-4145-8a57-4c804a04cfe0",
+ "journalist_first_name": "daniel",
+ "journalist_last_name": "ellsberg"
 }

 Thereafter in order to authenticate to protected endpoints, send the token in
diff --git a/securedrop/journalist_app/api.py b/securedrop/journalist_app/api.py
index 243d04f8b9..5ec0545f5e 100644
--- a/securedrop/journalist_app/api.py
+++ b/securedrop/journalist_app/api.py
@@ -118,6 +118,8 @@ def get_token():
 'token': journalist.generate_api_token(expiration=TOKEN_EXPIRATION_MINS * 60),
 'expiration': token_expiry.isoformat() + 'Z',
 'journalist_uuid': journalist.uuid,
+ 'journalist_first_name': journalist.first_name,
+ 'journalist_last_name': journalist.last_name,
 })

 # Update access metadata
diff --git a/securedrop/tests/test_journalist_api.py b/securedrop/tests/test_journalist_api.py
index 3b34d04671..d0581b8995 100644
--- a/securedrop/tests/test_journalist_api.py
+++ b/securedrop/tests/test_journalist_api.py
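Review bot: The two entries added to the `jsonify` dict in `get_token` pass `journalist.first_name` and `journalist.last_name` through unchecked, so if those columns are optional on `Journalist` (the model is not visible here) the token response will carry JSON `null`, while the documentation example in this commit shows only strings. I would say so at the call site, e.g. `# first_name/last_name may be None; serialized as null`, and note the same in journalist_api.rst so clients do not assume a string. The response body now also holds the journalist's real name next to the bearer token, so any client-side logging or caching of it should be treated as holding identifying data as well as a credential. `get_token` starts and ends outside the hunk.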
@@ -45,6 +45,8 @@ def test_valid_user_can_get_an_api_token(journalist_app, test_journo):
 assert isinstance(Journalist.validate_api_token_and_get_user(
 response.json['token']), Journalist) is True
 assert response.status_code == 200
+ assert response.json['journalist_first_name'] == test_journo['first_name']
+ assert response.json['journalist_last_name'] == test_journo['last_name']


 def test_user_cannot_get_an_api_token_with_wrong_password(journalist_app,
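Review bot: Both new assertions compare the response against `test_journo[...]`, so they only prove the mapping is correct if the fixture sets distinct first and last names. If the fixture leaves them unset (it is not visible in this hunk), `None == None` passes and a swapped first/last mapping in `get_token` would go unnoticed. Consider adding a case that creates a journalist with explicit, different names and asserts on those literals, plus one for the unset case such as `assert response.json['journalist_first_name'] is None`. The test function begins above the hunk.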