I am developing an web app that will be used by iphone app. I use devise as authentication and i can create a new user, login as the user and when login is done it gives out
{"user":{"authentication_token":"xxxxxxxxxxxxxxxxxx","email":"sample#example.com"}}
but how can i change the password using json.
Most likely you will need to build an API for this, utilizing Devises JSON (Warden) to respond to JSON etc
reference to help point you in the right direction creating sessions with devise
Searching SO also yields
Ajax login with devise
Related
I have an application running Rails 4, Devise and Omniauth (Facebook). Everything works fine.
Now I want to create an IOS app to access this database. I planned to do this using JSON requests to fetch and post data to Rails RESTfull resources that I have.
Before I start writing the IOS app, I tried to test retrieving data from the web app, using cURL on command line (JSON requests), but Devise always reject me saying that I have to authenticate first.
How should I do this? How to authenticate, using JSON requests, using Facebook username/password and access the data from the Rails app?
Or am I thinking all wrong and I should do this in a different way?
You must create Facebook APP
You have to use Facebook SDK for login in Facebook
In the app using SDK you have to make login in the facebook
After a successful login facebook return "access token" for api requests.
"access token" you must send on the server with ruby on rails.
You have to use gem "koala" or other for access to facebook api using this "access token".'
6.1 As first step you must get user information from facebook. (you will have facebook UID, and may be email.)
6.2 Then you must find current user in your DB and login using Devise method sign_in
Also you have to seen this gem
https://github.com/lynndylanhurley/devise_token_auth
I'm building an iOS app with Rails on the back-end.
The Rails application uses Devise for authentication and I want to use the same service for the authentication on the iOS app. Is there any way that after authenticating, keeping the session even after the app restarts, so that it goes straight to the content of the app instead of the login screen?
I've looked around, but haven't found a clear answer.
Thanks on advance!
One solution could be to extend the existing devise models and controllers to also handle a token based authentication system. Based on the request type html or json, the app can choose to authenticate a user either by the authentication token and email or a combination of username/email and password.
The authentication token could could be saved on the client side and reset only when the user logs out.
I was recently working on the same problem and found these sources to be extremely useful.
https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
http://www.soryy.com/blog/2014/apis-with-devise/
https://github.com/lynndylanhurley/devise_token_auth
I'm building a REST api using Rails 4 to be used in a mobile application. I'm using devise for Users.
Api operations will only be accesible by logged in users.
I've been looking how to perform this.
1. The first solution I see is using token_authentication but it has been disabled by devise.
2. If I try to log-in using normal controllers I get a "Can't verify CSRF token authenticity"
How should I proceed?
Add skip_before_filter :verify_authenticity_token to your API controller.
But true way for this case it's https://github.com/doorkeeper-gem/doorkeeper
I have created a simple API for a Rails application using token-based-authentication that supports User Log In and Log Out and a couple of other actions to update a User's status. I want this API to be used by devices running iOS. I have based my code on the example found here. In addition to allowing a device to login and update a User's status I would like new users to be able to Sign Up from the device. However looking at Devise's helper class I can't see any methods that support Sign Up, only Log In and Log Out.
Has anyone managed to implement Sign Up through an API? Are there any security issues with allowing this? How should I approach this?
Sign up from an iOS device is really just a (JSON?) POST to the User resource using a different format responder.
This data is passed in the clear from an iOS device, so make sure you use https on these routes if you're worried about security.
I am using HTTP authentication to sign_in and sign_out. It works great. However, I want to allow users to sign_up for a new account from my mobile app and then send that over using POST and in JSON format. What do I have to do to make this work?
I am using Devise for authentication for my Rails app.
You can POST an http-request with your username/password parameters to your login controller action (which could be as simple as requesting /login?user=foo&pass=bar), specifying .json format (using respond_to). You may need to include the CSRF, too. And I'm assuming here, since you didn't specify the mobile platform or post any code, that you've got the 'making the actual request' part down.