我工作的一个Rails Web应用程序,还提供了基于JSON API,用于移动设备。移动客户端有望首先获得一个令牌(电子邮件/通),则客户端将与令牌后续API调用。
I am working on a rails web application that also provides JSON based API for mobile devices . mobile clients are expected to first obtain a token with (email/pass), then clients will make subsequential API calls with the token.
我是pretty新设计,我要寻找一个设计API看起来像认证(电子邮件,传递),并希望它返回真/假,然后根据我要么创建和手背令牌或返回一个下降的消息。但似乎设计并没有提供这样的事情。
I am pretty new to Devise, and I am looking for a Devise API look like "authenticate(email, pass) and expect it to return true/false, then based on that I will either create and hand back the token or return a decline message. but seems Devise doesn't provide something like this.
据我所知,制定1.3提供基于JSON权威性,但这是从什么,我需要一个有点不同 - 我需要生成令牌和处理回客户端,那么以后AUTH使用令牌,而不是做
I am aware that Devise 1.3 provides JSON based auth, but that's a bit different from what I need - I need to generate token and handle back to client, then after that auth is done using the token instead.
有人可以请给一些指点?
Can someone please give some pointers?
推荐答案有一个名为有一项配置:token_authenticatable 。所以,如果你添加到色器件的方法在你的用户,然后就可以在你的API中只是通过调用验证
There is a devise configuration called :token_authenticatable. So if you add that to the devise method in your "user", then you can authenticate in your API just by calling
"/api/v1/recipes?qs=sweet&auth_token=[@user.auth_token]"您可能会想这在你的用户,以及:
You'll probably want this in your user as well:
before_save :ensure_authentication_token更新(符合API授权code)
UPDATE (with API authorization code)
您正在寻找的方法是:
resource = User.find_for_database_authentication(:login=>params[:user_login][:login]) resource.valid_password?(params[:user_login][:password])这是我的精神与色器件
更多推荐
制定API认证
发布评论