@Turupawn
Last active February 6, 2021 00:59
rails_api.md
# Gemfile
```
gem 'devise'
gem 'simple_token_authentication'
```
```
bundle install
rails generate devise:install
rails generate devise User
rails g migration add_authentication_token_to_users "authentication_token:string{1000}:uniq"
```
# app/models/user.rb
```
acts_as_token_authenticatable
```
# app/controllers/application_controller.rb
```
acts_as_token_authentication_handler_for User
protect_from_forgery with: :exception
# JSON API requests carry no CSRF token, so skip the check for them.
skip_before_action :verify_authenticity_token, if: :json_request

protected

def json_request
  request.format.json?
end
```
# app/controllers/api/v1/my_endpoints_controller.rb
```
class Api::V1::MyEndpointsController < ApplicationController
  protect_from_forgery with: :null_session

  def example_endpoint
    # Look the user up by the token and email sent with the request.
    user = User.find_by(authentication_token: params[:user_token], email: params[:user_email])
    unless user
      render json: { error: 'User does not exist' }, status: :unprocessable_entity
      return
    end
    render json: { message: 'Controller action successfully executed' }
  end
end
```
# app/controllers/api/v1/sessions_controller.rb
```
class Api::V1::SessionsController < Devise::SessionsController
  skip_before_action :verify_signed_out_user, only: [:destroy]

  def create
    user = warden.authenticate!({user: params[:user]})
    sign_in(resource_name, user)
    # Clearing the token makes acts_as_token_authenticatable issue a fresh one on save.
    current_user.authentication_token = nil
    current_user.save
    respond_to do |format|
      format.json do
        render json: {
          user: current_user
        }
      end
    end
  end

  def destroy
    respond_to do |format|
      user = User.find_by_authentication_token(params[:authentication_token])
      format.json do
        if user
          # Invalidate the token that was used for this session.
          user.authentication_token = nil
          user.save
          sign_out(user)
          head :ok
        else
          render json: nil, status: :unprocessable_entity
        end
      end
    end
  end
end
```
# app/controllers/api/v1/registrations_controller.rb
```
class Api::V1::RegistrationsController < Devise::SessionsController
  def create
    # Build the record first; save (below) runs validations and persists it once.
    @user = User.new(user_params)
    if @user.save
      render json: { state: { code: 0 }, data: @user }
    else
      render json: { state: { code: 1, messages: @user.errors.full_messages } }
    end
  end

  private

  # Strong parameters: only email and password may be mass-assigned.
  def user_params
    params.require(:user).permit(:email, :password)
  end
end
```
```
curl -H "Content-Type:application/json" -X POST -d'{"user":{"email":"[email protected]","password":"Hello1234"}}' http://localhost:3000/api/v1/users
curl -H "Content-Type:application/json" -X POST -d'{"user":{"email":"[email protected]","password":"Hello1234"}}' http://localhost:3000/api/v1/users/sign_in
curl -H "Content-Type:application/json" -X GET -d'{"user_token":"y4U4RXUrBejsSatztSXFs", "user_email":"[email protected]"}' http://localhost:3000/api/v1/my_endpoints/example_endpoint
```
================================================================================
# Config routes
```
devise_scope :user do
  post 'users', to: 'devise/sessions#create'
end
```
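
The `example_endpoint` check above matches the token inside the database query. The following is an added example, not part of the original gist: it looks the user up by email only, rejects non-string parameters (a JSON body can carry null, arrays or objects), compares the token in constant time, and rotates it on sign-out. The in-memory `USERS` store, the `authenticate` and `rotate_token!` helpers, and the sample address are assumptions made so the block runs without Rails.

```ruby
require 'openssl'
require 'securerandom'

# Constructed in-memory stand-in for the users table (not the gist's model).
User = Struct.new(:email, :authentication_token)
USERS = {
  'alice@example.test' =>
    User.new('alice@example.test', SecureRandom.urlsafe_base64(24))
}

# Constant-time comparison: hash both sides to a fixed length, then OR
# together the XOR of every byte pair so the run time does not depend on
# the position of the first mismatch.
def secure_compare(a, b)
  da = OpenSSL::Digest::SHA256.digest(a.to_s)
  db = OpenSSL::Digest::SHA256.digest(b.to_s)
  da.bytes.zip(db.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns the user when user_email and user_token match, otherwise nil.
def authenticate(user_email, user_token)
  # Only plain, non-empty strings are acceptable credentials.
  return nil unless user_email.is_a?(String) && user_token.is_a?(String)
  return nil if user_email.empty? || user_token.empty?

  # Look up by the non-secret identifier only.
  user = USERS[user_email]
  # Compare against a random dummy when the email is unknown, so the
  # known-email and unknown-email paths do the same amount of work.
  expected = user ? user.authentication_token : SecureRandom.hex(16)
  matched = secure_compare(expected, user_token)
  user && matched ? user : nil
end

# Mirrors the sessions controller: replace the token so the old one is dead.
def rotate_token!(user)
  user.authentication_token = SecureRandom.urlsafe_base64(24)
  user
end
```

Inside the Rails app, `Devise.secure_compare` can take the place of the hand-written `secure_compare` helper.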