I'd like my users to be able to use Google Translate with my Rails apps. I have forms and login for the app. I keep getting the Rails InvalidAuthenticityToken when using the app through Google Translate.
Any insights on how i can get both to work? I am using Rails 2.5.x.
Thank you!
PS: To clarify, this the authenticity token works fine without going through Google Translate. I suspect it's something to do with the domain?
This is a feature of rails that prevents cross site scripting attacks. It really depends what you are doing but what you need to do is pass this secret that rails passes in every params hash. Check you log file or server or debug your params and you will see this. It is a really long code.
This code is generate in your environment.rb file so whenever you pass params to your application you need to include this file.
Related
So, I'm very new to this. I got a generated json file from my google developer console that holds information like private keys, client id, token stuff, etc.
Now, I'm trying to use the Google Analytics Report V4 api. I put all my code into a concern, and when I run the code I get this error:
Google::Apis::AuthorizationError: Unauthorized
So I know that I have to authorize my app, but I'm not sure how. I have this json file which appears to have all the information I need to authenticate my app.
After some research, I know that (on the following code) I need to assign analytics.authorization to something, I just don't know to what.
analytics = Google::Apis::AnalyticsreportingV4::AnalyticsReportingService.new
analytics.authorization = ???
Do you know of any method I'm supposed to call that takes in the location of my json file as a parameter or something that can in turn, authorize my rails app?
Thank you so so much if you can help.
I know there are other questions like this. But they use omniauth with devise I think, and I can't do that. I already have a specific context in which users need to be logged in to my app, so logging in with google wouldn't work in my case. Also, other question/answers that don't involve omniauth and devise are outdated or don't have an accepted answer.
I am working on a Rails 5 API only app using JWT tokens.
I'd like to use Rails Admin for internal processes and would like to configure Devise (or Clearance) for auth for staff members instead of integrating JWT tokens with Rails Admin directly.
The problem I have is once I set up Devise or Clearance (the controllers, models, and routes are there) the sign in screens return an empty HTML page.
There are some related issues with Clearance mentioned in https://github.com/thoughtbot/clearance/issues/741 but I've been unable to figure out why the HTML does not load.
The Rails API does exclude some middleware but it's not clear to me which is missing or causing the issue. Thanks.
I solved the problem by converting the Rails API only app to be a normal Rails app. Not the best solution, in my opinion, but it works!
I'm now on level 7 of Hartl's rails tutorial book and I'm starting to think about my application in deployment. It's an app that allows about 12 social workers to communicate collaboratively and privately. Thus, I need to password protect it.
However, it also needs to be easy to use, very easy to use. A few of these people haven't used a computer before, and having logging on and sign-up processes would put them off completely.
Thus I want to create a landing page, where they have to type a password in (the same password for everybody), then it redirects to the 'discussion pages.' My first idea was to use some obfuscated javascript such that upon typing in the password, it redirects them to the discussion pages, but this doesn't sound very secure.
Can anyone recommend me a better way to do this in rails? Ideally they would only have to type it in once, and then it would authenticate them for all the pages automatically (by setting a cookie?) and anyone trying to access a page directly would be redirected to the authentication page.
Cheers in advance
A very simple authentication option is available to you in this situation. I would suggest you watch the Ruby on Railscast episode 270. I think it just maybe what you are looking for.
If you want really simple, you can use authenticate_or_request_with_http_basic
It's not a replacement for a real authentication system, e.g. Devise or AuthLogic however.
I started to use the lockup gem for this purpose:
https://github.com/gblakeman/lockup
It is super easy to setup and almost every user accessing the site should be able to use it.
Does anybody know of a good example I could look at as to how to go about implementing authentication through backbone with rails?
I haven't been able to find anything..
You have several possibilities. First you can log in normally, with plain html. That login would guide you to your backbone.js application.
Another possibility is within your backbone.js app you have a login form that takes advantage of backbone.js's ":authentication_token". When your backbone.js app sends the login info it will get a token back. From then on you are able make ajax calls and receive responses with that token.
EDIT: see this post for an example of working with the token: http://www.hyperionreactor.net/blog/token-based-authentication-rails-3-and-rails-2
What you are looking about rails integration with client-side, except ajax queries and authentication/authorization?
Use the demo app to see how backbone.js is working: http://documentcloud.github.com/backbone/examples/todos/index.html
Found one example app. Trying to figure out what is what atm myself. But might be worth looking: https://github.com/diaspora/diaspora
I'm think something like Facebook apps here. User generated pieces of code that people can write to interact with my app.
I understand how an authenticated API works, but this seems a little more complicated because not only does the APP have to authenticate itself (with a regular api-key) but the USER using the app has to be authenticated somehow too, without giving the app free reign.
I've been reading a bit here to see how FB does it: http://wiki.developers.facebook.com/index.php/How_Facebook_Authenticates_Your_Application
And it looks like you have to pass a signature in addition to the api-key along with every call, but I'm having trouble wrapping my head around how this gets generated and used on the other end (my server).
Figure there must be a simple explanation of this out there? Thanks!
P.S. I'm building a Rails app if there are any applicable gems/plugins.
This may be what I need:
http://github.com/phurni/authlogic_api
Did you have any success with authlogic_api? I'm working on the server-side for a Steam game, where users are logged in through Steam, so I'm only responding to REST calls from the client (no user login required). The rdocs for authlogic_api give some brief set-up info, but I'm struggling with what to do in the application_controller to restrict access; essentially the equivalent of this code from the authlogic example:
http://github.com/binarylogic/authlogic_example/blob/5819a13477797d758cb6871f475ed1c54bf8a3a7/app/controllers/application_controller.rb