-
-
Save jwo/1255275 to your computer and use it in GitHub Desktop.
| class Api::RegistrationsController < Api::BaseController | |
| respond_to :json | |
| def create | |
| user = User.new(params[:user]) | |
| if user.save | |
| render :json=> user.as_json(:auth_token=>user.authentication_token, :email=>user.email), :status=>201 | |
| return | |
| else | |
| warden.custom_failure! | |
| render :json=> user.errors, :status=>422 | |
| end | |
| end | |
| end |
| class Api::SessionsController < Api::BaseController | |
| prepend_before_filter :require_no_authentication, :only => [:create ] | |
| include Devise::Controllers::InternalHelpers | |
| before_filter :ensure_params_exist | |
| respond_to :json | |
| def create | |
| build_resource | |
| resource = User.find_for_database_authentication(:login=>params[:user_login][:login]) | |
| return invalid_login_attempt unless resource | |
| if resource.valid_password?(params[:user_login][:password]) | |
| sign_in("user", resource) | |
| render :json=> {:success=>true, :auth_token=>resource.authentication_token, :login=>resource.login, :email=>resource.email} | |
| return | |
| end | |
| invalid_login_attempt | |
| end | |
| def destroy | |
| sign_out(resource_name) | |
| end | |
| protected | |
| def ensure_params_exist | |
| return unless params[:user_login].blank? | |
| render :json=>{:success=>false, :message=>"missing user_login parameter"}, :status=>422 | |
| end | |
| def invalid_login_attempt | |
| warden.custom_failure! | |
| render :json=> {:success=>false, :message=>"Error with your login or password"}, :status=>401 | |
| end | |
| end |
I'd suggest taking a look at https://github.com/gonzalo-bulnes/simple_token_authentication and/or https://github.com/thoulike/rails-api-authentication-token-example.
Dear,
It's nice post.
But I have one question.
How about if I setting for Devise with maximum_attempts = 5 and lock_strategy = :failed_attempts
Does it work like normal web base.
Currently I'm using device for connect to API,
It's really helpful to get answers.
Thanks a lot.
I get this error in rails
TypeError in Devise::ConfirmationsController#show
nil is not a symbol nor a string
Extracted source (around line #188):
186
187
188
189
190
191
# Handles <tt>*_was</tt> for +method_missing+.
def attribute_was(attr) # :nodoc:
attribute_changed?(attr) ? changed_attributes[attr] : __send__(attr)
end
# Handles <tt>*_previously_changed?</tt> for +method_missing+.
namespace :api do
namespace :v1 do
devise_for :users, defaults: { format: :json }, as: :users
end
end
new_users_user_session GET /api/v1/users/sign_in(.:format) api/v1/sessions#new {:format=>:json}
users_user_session POST /api/v1/users/sign_in(.:format) api/v1/sessions#create {:format=>:json}
Good example but confused about where you set token?
In this way failed_attempts, doesn't work.
@Avatarr in this instance, the tokens are probably set or generated by Devise. This was removed from Devise after 3 for security reasons, though you can use a basic implementation like this one to get the functionality back
getting error
"undefined local variable or method `build_resource' for #Api::SessionsController:0x00000003f885b0"
i'm using devise 3.4.1 in rails 4.1.5, I have removed line 'include Devise::Controllers::InternalHelpers' and extended 'Api::SessionsController' < DeviseController, also I have not included the related file Api::RegistrationsController in my api does it affect ?
so what's the exact cause please clarify.