问题描述
我试图使用设计的配置在我的项目通过JSON添加认证:token_authenticatable
我有工作sessions_controller#创建code这是从本文所 - <一个href=\"http://blog.$c$cbykat.com/2012/07/23/remote-api-authentication-with-rails-3-using-activeresource-and-devise/\">http://blog.$c$cbykat.com/2012/07/23/remote-api-authentication-with-rails-3-using-activeresource-and-devise/
DEF创建
build_resource
资源= User.find_for_database_authentication(:电子邮件=&GT; PARAMS [:邮箱])
返回invalid_login_attempt除非资源 如果resource.valid_password(PARAMS [:密码])?
resource.ensure_authentication_token!了#make确保用户生成的令牌
渲染:JSON =&GT; {:authentication_token =&GT; resource.authentication_token,:USER_ID =&GT; resource.id}:状态=&GT; :创建
返回
结束
结束高清invalid_login_attempt
warden.custom_failure!
渲染:JSON =&GT; {:错误=&GT; [无效的电子邮件或密码]}:成功=&GT;假:状态=&GT; :未经授权
结束
问题是,本土色器件sessions_controller#创建看起来像这样
DEF创建
self.resource = warden.authenticate!(auth_options)
set_flash_message(:通知:signed_in)如果is_navigational_format?
sign_in(RESOURCE_NAME,资源)
respond_with资源:位置=&GT; after_sign_in_path_for(资源)
结束
和我不知道如何这两个创建用的方法有认证的网站,并通过JSON工作结合起来呢?
更新
工作code
DEF创建
做的respond_to |格式| format.json做
build_resource
资源= User.find_for_database_authentication(:电子邮件=&GT; PARAMS [:邮箱])
返回invalid_login_attempt除非资源 如果resource.valid_password(PARAMS [:密码])?
resource.ensure_authentication_token!了#make确保用户生成的令牌
渲染JSON:{authentication_token:resource.authentication_token,USER_ID:resource.id},状态:创建
返回
结束
结束 format.html做
self.resource = warden.authenticate!(auth_options)
set_flash_message(:通知:signed_in)如果is_navigational_format?
sign_in(RESOURCE_NAME,资源)
respond_with资源:位置=&GT; after_sign_in_path_for(资源)
结束 结束
结束
您希望您的 SessionsController#创建
方法看起来像这样:
类用户:: SessionsController&LT;设计:: SessionsController
打造高清
资源= warden.authenticate!(范围:RESOURCE_NAME,回忆:#{} controller路径#NEW)
set_flash_message(:通知:signed_in)如果is_navigational_format?
sign_in(RESOURCE_NAME,资源) 做的respond_to |格式|
format.html做
respond_with资源,地点:REDIRECT_LOCATION(RESOURCE_NAME,资源)
结束
format.json做
渲染JSON:{回应:'OK',AUTH_TOKEN:current_user.authentication_token} .to_json,状态:正常
结束
结束
结束
结束
...,并确保你已经配置设计一种使用令牌认证密钥您的客户将通过沿。
I'm trying to add Authentication via json in my project using devise configuration :token_authenticatable.
I have the working sessions_controller#create code which was taken from this article - http://blog.codebykat.com/2012/07/23/remote-api-authentication-with-rails-3-using-activeresource-and-devise/
def create
build_resource
resource = User.find_for_database_authentication(:email => params[:email])
return invalid_login_attempt unless resource
if resource.valid_password?(params[:password])
resource.ensure_authentication_token! #make sure the user has a token generated
render :json => { :authentication_token => resource.authentication_token, :user_id => resource.id }, :status => :created
return
end
end
def invalid_login_attempt
warden.custom_failure!
render :json => { :errors => ["Invalid email or password."] }, :success => false, :status => :unauthorized
end
The problem is that native devise sessions_controller#create looks like this
def create
self.resource = warden.authenticate!(auth_options)
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
And i don't know how to combine this two create methods to have authentication working on website and via json too?
UPDATE
The working code
def create
respond_to do |format|
format.json do
build_resource
resource = User.find_for_database_authentication(:email => params[:email])
return invalid_login_attempt unless resource
if resource.valid_password?(params[:password])
resource.ensure_authentication_token! #make sure the user has a token generated
render json: { authentication_token: resource.authentication_token, user_id: resource.id }, status: :created
return
end
end
format.html do
self.resource = warden.authenticate!(auth_options)
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
end
end
You want your SessionsController#create
method to look something like this:
class Users::SessionsController < Devise::SessionsController
def create
resource = warden.authenticate!(scope: resource_name, recall: "#{controller_path}#new")
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_to do |format|
format.html do
respond_with resource, location: redirect_location(resource_name, resource)
end
format.json do
render json: { response: 'ok', auth_token: current_user.authentication_token }.to_json, status: :ok
end
end
end
end
...and make sure you've configured devise to use the token authentication key your clients will pass along.
这篇关于使用API设计验证(Ruby on Rails的)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!