1. 首頁
  2. 問答
  3. 驗證設計

驗證設計

2013-09-28 82 views
0

我希望能夠簡單地確定是否在我創建的iOS應用中正確提供了用戶憑據。驗證設計

我現在安裝它的方式是使用會話句柄控制器來處理並返回用戶令牌。問題是如果我還想通過網絡登錄(不只是通過捲曲或類似的檢查),它不驗證和吐出

{「success」:false,「message」:「Error with你的登錄名或密碼「}

所以我的問題是...我怎麼做認證,並仍然保持我的網絡登錄運作?這是我的相關文件。我的希望是我可以捲曲到像localhost:3000/auth_checks這樣的URL,並獲得一種類型的身份驗證響應,並繼續讓我的用戶通過localhost:3000/sign_in登錄。

從devise.rb

config.skip_session_storage = [:http_auth, :token_auth] 
config.token_authentication_key = :auth_token

從routes.rb中

resources :clippings 
    root to: 'clippings#index' 
    #devise_for :users 

    resources :auth_checks 
    devise_for(:users, :controllers => { :sessions => "sessions" }) 


    resources :posts do 
    end

從auth_checks_controller.rb

class AuthChecksController < ApplicationController 

before_filter :authenticate_user! 

    # GET /auth_checks 
    # GET /auth_checks.json 
    def index 
    @auth_checks = AuthCheck.all 

    respond_to do |format| 
     format.html # index.html.erb 
     format.json { render json: @auth_checks } 
    end 
    end 

    # GET /auth_checks/1 
    # GET /auth_checks/1.json 
    def show 
    @auth_check = AuthCheck.find(params[:id]) 

    respond_to do |format| 
     format.html # show.html.erb 
     format.json { render json: @auth_check } 
    end 
    end 

    # GET /auth_checks/new 
    # GET /auth_checks/new.json 
    def new 
    @auth_check = AuthCheck.new 

    respond_to do |format| 
     format.html # new.html.erb 
     format.json { render json: @auth_check } 
    end 
    end 

    # GET /auth_checks/1/edit 
    def edit 
    @auth_check = AuthCheck.find(params[:id]) 
    end 

    # POST /auth_checks 
    # POST /auth_checks.json 
    def create 
    @auth_check = AuthCheck.new(params[:auth_check]) 

    respond_to do |format| 
     if @auth_check.save 
     format.html { redirect_to @auth_check, notice: 'Auth check was successfully created.' } 
     format.json { render json: @auth_check, status: :created, location: @auth_check } 
     else 
     format.html { render action: "new" } 
     format.json { render json: @auth_check.errors, status: :unprocessable_entity } 
     end 
    end 
    end 

    # PUT /auth_checks/1 
    # PUT /auth_checks/1.json 
    def update 
    @auth_check = AuthCheck.find(params[:id]) 

    respond_to do |format| 
     if @auth_check.update_attributes(params[:auth_check]) 
     format.html { redirect_to @auth_check, notice: 'Auth check was successfully updated.' } 
     format.json { head :no_content } 
     else 
     format.html { render action: "edit" } 
     format.json { render json: @auth_check.errors, status: :unprocessable_entity } 
     end 
    end 
    end 

    # DELETE /auth_checks/1 
    # DELETE /auth_checks/1.json 
    def destroy 
    @auth_check = AuthCheck.find(params[:id]) 
    @auth_check.destroy 

    respond_to do |format| 
     format.html { redirect_to auth_checks_url } 
     format.json { head :no_content } 
    end 
    end 
end

來源

2013-09-28 loopifnil

+0

試試這個:http://stackoverflow.com/questions/13623562/phonegap-mobile-rails-authentication-devise-authentication-from-scratch/13632264#13632264 – Ashitaka

回答

0

學到很多東西......這裏就是我終於實現了。如果你處於這個位置,我強烈建議你花時間(不是很多)來做這個方法。 http://www.cocoahunter.com/blog/2013/02/13/restful-api-authentication/

如果你和我一樣,你已經有了一個使用標準設計登錄結構的用戶庫。

我將此添加到我的routes.rb

namespace :api do 
     namespace :v1 do 
     resources :tokens,:only => [:create, :destroy] 
     end 
    end

然後創建並添加tokens_controller.rb控制器內部/ API/V1 /(我創建的)

# encoding: utf-8 
class Api::V1::TokensController < ApplicationController 
    skip_before_filter :verify_authenticity_token 
    respond_to :json 
    def create 
     email = params[:email] 
     password = params[:password] 
     if request.format != :json 
     render :status=>406, :json=>{:message=>"The request must be json"} 
     return 
     end 

    if email.nil? or password.nil? 
     render :status=>400, 
       :json=>{:message=>"The request must contain the user email and password."} 
     return 
    end 

    @user=User.find_by_email(email.downcase) 

    if @user.nil? 
     logger.info("User #{email} failed signin, user cannot be found.") 
     render :status=>401, :json=>{:message=>"Invalid email or passoword."} 
     return 
    end 

    # http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable 
    @user.ensure_authentication_token! 

    if not @user.valid_password?(password) 
     logger.info("User #{email} failed signin, password \"#{password}\" is invalid") 
     render :status=>401, :json=>{:message=>"Invalid email or password."} 
    else 
     render :status=>200, :json=>{:token=>@user.authentication_token} 
    end 
    end 

    def destroy 
    @user=User.find_by_authentication_token(params[:id]) 
    if @user.nil? 
     #logger.info(「Token wasnot found.」) 
     #render :status=>404, :json=>{:message=>」Invalid token.」} 
    else 
     @user.reset_authentication_token! 
     render :status=>200, :json=>{:token=>params[:id]} 
    end 
    end 

end

這是字面上所有我不得不做。我現在可以從我的iOS應用程序對此api進行身份驗證測試。希望對那裏的人有意義!

來源

2013-09-29 05:09:54 loopifnil

相關問題

 相關問題