I am working on a rails web application that also provides JSON based API for mobile devices . mobile clients are expected to first obtain a token with (email/pass), then clients will make subsequential API calls with the token.
I am pretty new to Devise, and I am looking for a Devise API look like authenticate(email, pass)
and expect it to return true/false, then based on that I will either create and hand back the token or return a decline message. but seems Devise doesn't provide something like this.
I am aware that Devise 1.3 provides JSON based auth, but that's a bit different from what I need - I need to generate token and handle back to client, then after that auth is done using the token instead.
Can someone please give some pointers?
There is a devise configuration called :token_authenticatable
. So if you add that to the devise method in your "user", then you can authenticate in your API just by calling
"/api/v1/recipes?qs=sweet&auth_token=[@user.auth_token]"
You'll probably want this in your user as well:
before_save :ensure_authentication_token
UPDATE (with API authorization code)
The method you're looking for are:
resource = User.find_for_database_authentication(:login=>params[:user_login][:login])
resource.valid_password?(params[:user_login][:password])