devise session controller
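# Devise sessions controller that also answers a JSON client: sign-in renders
# the serialized user, sign-out resets the user's authentication token before
# clearing the session.
class SessionsController < Devise::SessionsController
  #fix Filter chain halted as :require_no_authentication
  prepend_before_filter :require_no_authentication, :only => [ :new, :create, :cancel ]
  #to tackle: Filter chain halted as :verify_signed_out_user
  # With this filter skipped, #destroy can run without a signed-in user, so it
  # must not assume current_user is present.
  skip_before_filter :verify_signed_out_user, only: :destroy

  # disable it for everything except a few methods
  # Both skips are left commented out, so verify_authenticity_token is not
  # skipped by this controller.
  #skip_before_action :verify_authenticity_token, :only => :create
  #skip_before_action :verify_authenticity_token

  respond_to :json, :html

  # Sign in with params[:email] / params[:password].
  #
  # On success the user is signed in and the serialized user is rendered with
  # status 201. An unknown email and a wrong password both go through
  # `failure`, so the rejection path is the same for either cause and a wrong
  # password no longer falls through without an explicit response.
  #
  # NOTE(review): `failure` is not defined in this class; presumably it comes
  #   from a parent controller -- confirm it renders one generic error.
  # NOTE(review): the password is checked with valid_password? directly rather
  #   than through warden.authenticate!; if User includes Devise's :lockable,
  #   failed attempts are presumably not counted on this path -- confirm.
  # NOTE(review): an unknown email returns before any password comparison, so
  #   response time may still differ between the two rejection causes.
  def create
    resource = User.find_for_database_authentication(:email => params[:email])
    return failure unless resource && resource.valid_password?(params[:password])

    sign_in(:user, resource)
    #render :json=> {:success => true, :token => resource.authentication_token}
    #return
    render :json => {:user => UserSerializer.new(resource).as_json[:user]}, status: 201
  end

  # Earlier variant kept for reference (authenticates through warden).
=begin
  def create
    warden.authenticate!(auth_options)
    #render :json => {:user => UserSerializer.new(self.resource).as_json[:user], status: 201 }
    render :status => 200,
           :json => { :data => { :auth_token => current_user.authentication_token } }
  end
=end

  # Earlier debugging variant kept for reference.
  # NOTE(review): if re-enabled, the logger lines write the CSRF token and the
  #   interpolated params (which include the submitted password) to the log.
=begin
  def create
    logger.info("session controller token: #{form_authenticity_token}")
    logger.info("session controller params from embr: #{params}")
    logger.info("session request header csrf: #{request.env['HTTP_X-CSRF-TOKEN']}")
    logger.info("session csrf: #{request.headers['X-CSRF-Token']}")
    self.resource = warden.authenticate!(auth_options)
    if sign_in(resource_name, resource)
      respond_to do |format|
        format.html { super }
        format.json do
          data = {
            auth_token: self.resource.authentication_token,
            email: self.resource.email,
            id: self.resource.id
          }
          #render json: data, status: 201
          render :json => {:user => UserSerializer.new(self.resource).as_json[:user], request_forgery_protection_token => form_authenticity_token }
          #render :json => {:user => UserSerializer.new(self.resource).as_json[:user], status: 201 }
        end
      end #closes respond_to
    else
      #respond_with(errors: {email: "invalid email or password"}, status: :unprocessable_entity)
      render json: {errors: self.resource.errors}, :status => 422
    end
  end #closes create
=end

  # Earlier variant kept for reference (per-format handling around warden).
=begin
  def create
    respond_to do |format|
      format.html { super }
      format.json do
        self.resource = warden.authenticate!(auth_options)
        sign_in(resource_name, resource)
        data = {
          user_token: self.resource.authentication_token,
          user_email: self.resource.email
        }
        #render json: data, status: 201
        render :json => {:user => UserSerializer.new(self.resource).as_json[:user], status: 201 }
      end
    end
  end
=end

  # Sign out. Calls reset_authentication_token! on the current user, signs out
  # (all scopes or only this resource's scope, depending on
  # Devise.sign_out_all_scopes), then answers per format: HTML defers to
  # Devise's own destroy, JSON gets an empty body with status 201.
  def destroy
    logger.info("current user #{current_user}")
    # :verify_signed_out_user is skipped for this action, so current_user can
    # be nil here; guard the token reset instead of raising NoMethodError.
    current_user.reset_authentication_token! if current_user
    Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name)
    respond_to do |format|
      format.html { super }
      format.json do
        render json: nil, status: 201
      end
    end
  end #closes destroy
end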