【发布时间】:2012-12-28 15:02:04
【问题描述】:
我正在尝试使用设计配置:token_authenticable 在我的项目中通过 json 添加身份验证。
我有从这篇文章中获取的工作 sessions_controller#create 代码 - http://blog.codebykat.com/2012/07/23/remote-api-authentication-with-rails-3-using-activeresource-and-devise/
def create
build_resource
resource = User.find_for_database_authentication(:email => params[:email])
return invalid_login_attempt unless resource
if resource.valid_password?(params[:password])
resource.ensure_authentication_token! #make sure the user has a token generated
render :json => { :authentication_token => resource.authentication_token, :user_id => resource.id }, :status => :created
return
end
end
def invalid_login_attempt
warden.custom_failure!
render :json => { :errors => ["Invalid email or password."] }, :success => false, :status => :unauthorized
end
问题是本机设计 session_controller#create 看起来像这样
def create
self.resource = warden.authenticate!(auth_options)
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
而且我不知道如何结合这两种创建方法在网站上和通过 json 进行身份验证?
更新
工作代码
def create
respond_to do |format|
format.json do
build_resource
resource = User.find_for_database_authentication(:email => params[:email])
return invalid_login_attempt unless resource
if resource.valid_password?(params[:password])
resource.ensure_authentication_token! #make sure the user has a token generated
render json: { authentication_token: resource.authentication_token, user_id: resource.id }, status: :created
return
end
end
format.html do
self.resource = warden.authenticate!(auth_options)
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
end
end
【问题讨论】:
-
我写了一篇关于使用 Devise 的 JSON API 的博文。应该有帮助:jessewolgamott.com/blog/2012/01/19/…
-
@JesseWolgamott OP 要求提供一种同时允许 JSON 和 基于 HTML 的身份验证的解决方案。您的帖子描述了如何做前者而不是后者。
标签: ruby-on-rails api authentication devise