Rails + Devise HTTP header token -

-

i have in devise config following line enable token authentication in http header:

config.http_authenticatable = [:token]

however, whenever try access resource, receive 401 when running following:

curl -v -h "accept: application/json" -h "content-type: application/json" -h "authorization: token token=\"c9g52z6n6lpgt5ls6omw\"" http://localhost:3000/api/v1/objects/

as proof token correct, following works:

curl -v -h "accept: application/json" -h "content-type: application/json" http://localhost:3000/api/v1/objects?auth_token=c9g52z6n6lpgt5ls6omw

has managed token authentication in http header working? can't find information on apart from:

http://api.rubyonrails.org/classes/actioncontroller/httpauthentication/token.html https://groups.google.com/forum/#!topic/plataformatec-devise/o3gqgl0yuzo

my implementation based on post , gist.

user.rb

class user < activerecord::base    devise :database_authenticatable,           :recoverable, :rememberable, :trackable, :validatable    before_create :set_auth_token    private      def set_auth_token       return if auth_token.present?        begin         self.auth_token = securerandom.hex       end while self.class.exists?(auth_token: self.auth_token)     end  end

api_controller.rb

class apicontroller < applicationcontroller    before_action :authenticate    protected      def authenticate       authenticate_token || render_unauthorized     end      def authenticate_token       authenticate_with_http_token |token, options|         user = user.find_by(auth_token: token)          if user           sign_in user, store: false         end          user       end     end      def render_unauthorized       self.headers['www-authenticate'] = 'token realm="application"'       render json: 'bad credentials', status: 401     end  end

Comments

Post a Comment

Popular posts from this blog

c# - How Configure Devart dotConnect for SQLite Code First? -

-
can configure following sample code ? when run following code, error : no entity framework provider found ado.net provider invariant name 'devart.data.sqlite' setting in machine.config <system.data> <dbproviderfactories> <add name="dotconnect sqlite" invariant="devart.data.sqlite" description="devart dotconnect sqlite" type="devart.data.sqlite.sqliteproviderfactory, devart.data.sqlite, version=4.6.287.0, culture=neutral, publickeytoken=09af7300eec23701" /> </dbproviderfactories> </system.data> after add below block code in app.config <?xml version="1.0"?> <configuration>   <configsections> <!-- more information on entity framework configuration, visit http://go.microsoft.com/fwlink/?linkid=237468 --> <section name="entityframework" type="system.data.entity.internal.configfile.entityframeworksection, entit...
Read more

c++ - Clear the memory after returning a vector in a function -

-
i have function processes , stores lot of data in , returns results vector of class. amount of data stored in function tremendous , want clear storage memory of function after finished job. necessary (does function automatically clear memory) or should clear memory function? update: vector<customers> process(char* const *filename, vector<int> id) { vector<customers> list_of_customers; (perform actions) return list_of_customers; } variables defined locally within function automatically released @ end of function scope. destructors objects called, should free memory allocated objects (if objects coded correctly). example of such object std::vector . anything you've allocated new must have corresponding delete release storage. try avoid doing own allocation , use raii instead, i.e. containers or smart pointers.
Read more

erlang - Saving a digraph to mnesia is hindered because of its side-effects -

-
updated the digraph library in erlang implements data type side-effectful. each operation on data type saves new state in ets table -- instead of returning altered version of itself, more common in functional languages. the problem usage perspective, impedes effort store or pass around state in convenient way requiring me first "collect" state before can start juggle around. the closest solution have seen far serializer/deserializer , these have drawback tied current structure of digraphs instead of operating on abstract type -- prevents future proof solution. update pascal pointed out serializer utilizes interface of digraph, , hence eliminates drawback mentioned above. better, albeit still inconvenient, see no better alternative. what recommendation on how store digraphs? should go different data type altogether? thanks. i not sure understand concern. fact digraph stored in ets transparent in user interface, might want chnge either exchange digr...
Read more