问题描述
限时送ChatGPT账号..我正在开发一个 Rails Web 应用程序,该应用程序还为移动设备提供基于 JSON 的 API.移动客户端应该首先使用(email/pass)获取令牌,然后客户端将使用该令牌进行后续 API 调用.
I am working on a rails web application that also provides JSON based API for mobile devices . mobile clients are expected to first obtain a token with (email/pass), then clients will make subsequential API calls with the token.
我对 Devise 很陌生,我正在寻找一个类似于 authenticate(email, pass) 的 Devise API,并希望它返回真/假,然后基于此我要么创建并交回令牌或返回拒绝消息.但似乎 Devise 没有提供这样的东西.
I am pretty new to Devise, and I am looking for a Devise API look like authenticate(email, pass) and expect it to return true/false, then based on that I will either create and hand back the token or return a decline message. but seems Devise doesn't provide something like this.
我知道 Devise 1.3 提供基于 JSON 的身份验证,但这与我需要的有点不同 - 我需要生成令牌并处理回客户端,然后在使用令牌完成身份验证之后.
I am aware that Devise 1.3 provides JSON based auth, but that's a bit different from what I need - I need to generate token and handle back to client, then after that auth is done using the token instead.
有人可以指点一下吗?
推荐答案
有一个名为 :token_authenticable 的设计配置.因此,如果您将其添加到用户"中的设计方法中,那么您只需调用
There is a devise configuration called :token_authenticatable. So if you add that to the devise method in your "user", then you can authenticate in your API just by calling
"/api/v1/recipes?qs=sweet&auth_token=[@user.auth_token]"
您可能也希望在您的用户中使用此功能:
You'll probably want this in your user as well:
before_save :ensure_authentication_token
更新(带API授权码)
您正在寻找的方法是:
resource = User.find_for_database_authentication(:login=>params[:user_login][:login])
resource.valid_password?(params[:user_login][:password])
这里是我的 gist 和带有设计的完整 JSON/API 登录
这篇关于设计 API 认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
更多推荐
[db:关键词]
发布评论