Adding token-authenticatable to user

This commit is contained in:
Tyler Renelle 2012-02-14 09:31:38 -05:00
parent d415102cf2
commit 02d15cccf4
5 changed files with 61 additions and 2 deletions

View file

@ -6,7 +6,7 @@ class HabitsController < ApplicationController
@user = current_user
respond_to do |format|
format.html # index.html.erb
format.json { render json: @user }
format.json { render json: { habits: @user.habits, user: @user } }
end
end

View file

@ -0,0 +1,48 @@
class TokensController < ApplicationController
skip_before_filter :verify_authenticity_token
respond_to :json
def create
email = params[:email]
password = params[:password]
if request.format != :json
render :status=>406, :json=>{:message=>"The request must be json"}
return
end
if email.nil? or password.nil?
render :status=>400,
:json=>{:message=>"The request must contain the user email and password."}
return
end
@user=User.find_by_email(email.downcase)
if @user.nil?
logger.info("User #{email} failed signin, user cannot be found.")
render :status=>401, :json=>{:message=>"Invalid email or passoword."}
return
end
# http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable
@user.ensure_authentication_token!
if not @user.valid_password?(password)
logger.info("User #{email} failed signin, password \"#{password}\" is invalid")
render :status=>401, :json=>{:message=>"Invalid email or passoword."}
else
render :status=>200, :json=>{:token=>@user.authentication_token}
end
end
def destroy
@user=User.find_by_authentication_token(params[:id])
if @user.nil?
logger.info("Token not found.")
render :status=>404, :json=>{:message=>"Invalid token."}
else
@user.reset_authentication_token!
render :status=>200, :json=>{:token=>params[:id]}
end
end
end

View file

@ -2,7 +2,8 @@ class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
:recoverable, :rememberable, :trackable, :validatable,
:token_authenticatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :lvl, :exp, :money

View file

@ -9,6 +9,7 @@ HabitTracker::Application.routes.draw do
end
devise_for :users
resources :tokens,:only => [:create, :destroy]
# The priority is based upon order of creation:
# first created -> highest priority.

View file

@ -0,0 +1,9 @@
class AddTokenAuthentication < ActiveRecord::Migration
def up
add_column :users, :authentication_token, :string
end
def down
remove_column :users, :authentication_token
end
end