I am following this wonderful article to configure the authentication part of my rail (3.2) API:
http://blog.joshsoftware.com/2011/12/23/designing-rails-api-using-rabl-and-devise/
I took the next step:
-Added to Gemfile
-Enabled for user model and performed required migrations
- My user model
class User < ActiveRecord::Base devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable devise :token_authenticatable attr_accessible :email, :authentication_token, :password, :password_confirmation, :remember_me end
as well as token_authenticable in the database (via migration).
-Subclassed RegistrationController using:
class RegistrationsController < Devise::RegistrationsController def new super end def create resource = warden.authenticate!(:scope => resource_name, :recall => " {controller_path}#new") sign_in(resource_name, resource) current_user.reset_authentication_token! respond_with resource, :location => after_sign_in_path_for(resource) end def update super end end
-In routes.rb, I have:
devise_for :users, :controllers => {:registrations => "registrations"}
CREATING A USER
I need the following request to create a user and send the authentification_token file:
curl -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"user":{"email":" email@gmail.com ", "password":"pass"}}' 'http://localhost:3000/users.json
I understand that the logic should go in the method of "creating" the registration controller (which should create the user and at the same time log into the system). I think I should be wrong, as the message I received in return:
{"error":"You need to sign in or sign up before continuing."}
What is the missing part to create and register a new user? Not a POST for users. Json mapped to RegistrationController # create?
USER LOGIN
In addition, I would like the following request to register the user (by sending it back through authentification_token after checking the login / password)
curl -H "Accept: application/json" -H "Content-type: application/json" -X GET -d '{"user":{"email":" email@gmail.com ","password":"pass"}}' 'http://localhost:3000/users.json
I assume that the logic should go in the βupdateβ of the RegistrationController method, but not 100% sure about that. After the login is completed, I will then add token authentication to protect the creation / viewing of some other models.
UPDATE
When I go out:
curl -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"user":{"email":" email@gmail.com ", "password": "mypass", "phone":"1234567890"}}' 'http://localhost:3000/users.json'
The following message appeared:
Started POST "/users.json" for 127.0.0.1 at 2012-03-11 20:50:05 +0100 Processing by RegistrationsController#create as JSON Parameters: {"user"=>{"email"=>" email@gmail.com ", , "password"=>"[FILTERED]", "phone"=>"1234567890"}, "registration"=>{"user"=>{"email"=>" email@gmail.com ", "password"=>"[FILTERED]", "phone"=>"1234567890"}, "action"=>"create", "controller"=>"registrations", "format"=>"json"}} WARNING: Can't verify CSRF token authenticity Completed 401 Unauthorized in 1ms
Any ideas why the user is not created and not signed and why there is no Token authentication?