与Rails和制定令牌认证

本文介绍了与Rails和制定令牌认证的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我下面这个优秀的文章设置我的导轨鉴别部分（3.2）API：结果
的

I'm following this excellent article to setup the authentification part of my rails (3.2) API:
http://blog.joshsoftware.com/2011/12/23/designing-rails-api-using-rabl-and-devise/

我做了以下的步骤：

- 增加设计到Gemfile中

-Added devise to Gemfile

铱捎糜设计为用户模式和运行所需的迁移

-Enabled devise for the user model and ran the migrations required

- 我的用户模型是

-My user model is

class User < ActiveRecord::Base
  devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
  devise :token_authenticatable

  attr_accessible :email, :authentication_token, :password, :password_confirmation, :remember_me
end

，以及在数据库中token_authenticable（通过迁移）。

as well as the token_authenticable in Database (via a migration).

-Subclassed的这个RegistrationController有：

-Subclassed the RegistrationController with:

class RegistrationsController < Devise::RegistrationsController
  def new
    super
  end

  def create
    resource = warden.authenticate!(:scope => resource_name, :recall => " {controller_path}#new")
    sign_in(resource_name, resource)
    current_user.reset_authentication_token!
    respond_with resource, :location => after_sign_in_path_for(resource)
  end

  def update
    super
  end
end

- 在routes.rb中，我有：

-In routes.rb, I have:

devise_for :users, :controllers => {:registrations => "registrations"}

用户创建

我想下面的请求创建一个用户，并发送回authentification_token：

I'd like the following request to create a user and to send back the authentification_token:

curl -H "Accept: application/json" -H "Content-type: application/json"  -X POST -d '{"user":{"email":"[email protected]", "password":"pass"}}' 'http://localhost:3000/users.json

我的理解是，逻辑应该在注册控制器的创造的方法（即应创建用户并登录他在同一时间）去。我想应该是错的，因为我得到的回报的讯息是：

My understanding is that the logic should go in the "create" method of the registration controller (that should create the user and log him in at the same time). I think I should be wrong as the message I got in return is:

{"error":"You need to sign in or sign up before continuing."}

什么是缺少的部分，以创建并登录新用户？是不是POST到users.json映射到这个RegistrationController＃创建？

What is the missing piece to have the new user created and logged ? Isn't POST to users.json mapped to RegistrationController#create ?

用户登录

另外，我想下面的请求登录（送他回到他的authentification_token一旦登录/密码已经被选中）

Also, I'd like the following request to log a user in (sending him back his authentification_token once the login / password have been checked)

curl -H "Accept: application/json" -H "Content-type: application/json"  -X GET -d '{"user":{"email":"[email protected]","password":"pass"}}' 'http://localhost:3000/users.json

我猜的逻辑应该在这个RegistrationController的更新的方法，但不是100％肯定。一旦登录完成后，我会再加入令牌认证方式来保护一些其他车型的创建/视图。

I guess the logic should go in the "update" method of RegistrationController but not 100% sure about that. Once the login is done I will then add the token authentification to protect the creation / view of some other models.

更新

当我发出：

curl -H "Accept: application/json" -H "Content-type: application/json"  -X POST -d '{"user":{"email":"[email protected]", "password": "mypass", "phone":"1234567890"}}' 'http://localhost:3000/users.json'

我得到了以下信息：

I got the following message:

Started POST "/users.json" for 127.0.0.1 at 2012-03-11 20:50:05 +0100
Processing by RegistrationsController#create as JSON
Parameters: {"user"=>{"email"=>"[email protected]", , "password"=>"[FILTERED]", "phone"=>"1234567890"}, "registration"=>{"user"=>{"email"=>"[email protected]", "password"=>"[FILTERED]", "phone"=>"1234567890"}, "action"=>"create", "controller"=>"registrations", "format"=>"json"}}
WARNING: Can't verify CSRF token authenticity
Completed 401 Unauthorized in 1ms

为什么用户不能创建和签署的，为什么没有返回authentication_token任何想法？

Any ideas why the user is not created and signed in and why no authentication_token is returned ?

与Rails和制定令牌认证

问题描述

推荐答案