dukeimg · April 19, 2016 16:52
diff --git a/routes.rb b/routes.rb
 Rails.application.routes.draw do
  mount_devise_token_auth_for 'User', at: 'auth', controllers: {
      sessions:  'overrides/sessions'
  }
  root 'application#angular'
  resource :messages

  # Redirect anything to root
  get '*path' => redirect('/')

  # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html

  # Serve websocket cable requests in-process
  # mount ActionCable.server => '/cable'
 end
diff --git a/sessions_controller.rb b/sessions_controller.rb
 module Overrides
  class SessionsController < DeviseTokenAuth::SessionsController
    def create
      # Check
      field = (resource_params.keys.map(&:to_sym) & resource_class.authentication_keys).first

      @resource = nil
      if field
        q_value = resource_params[field]

        if resource_class.case_insensitive_keys.include?(field)
          q_value.downcase!
        end

        q = "#{field.to_s} = ? AND provider='username'"

        if ActiveRecord::Base.connection.adapter_name.downcase.starts_with? 'mysql'
          q = "BINARY " + q
        end

        @resource = resource_class.where(q, q_value).first
      end

      if @resource and valid_params?(field, q_value) and @resource.valid_password?(resource_params[:password]) and ([email protected]_to?(:active_for_authentication?) or @resource.active_for_authentication?)
        # create client id
        @client_id = SecureRandom.urlsafe_base64(nil, false)
        @token     = SecureRandom.urlsafe_base64(nil, false)

        @resource.tokens[@client_id] = {
            token: BCrypt::Password.create(@token),
            expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
        }
        @resource.save

        sign_in(:user, @resource, store: false, bypass: false)

        yield if block_given?

        render_create_success
      elsif @resource and not ([email protected]_to?(:active_for_authentication?) or @resource.active_for_authentication?)
        render_create_error_not_confirmed
      else
        render_create_error_bad_credentials
      end
    end
  end
 end
	Rails.application.routes.draw do
	mount_devise_token_auth_for 'User', at: 'auth', controllers: {
	sessions: 'overrides/sessions'
	}
	root 'application#angular'
	resource :messages

	# Redirect anything to root
	get '*path' => redirect('/')

	# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html

	# Serve websocket cable requests in-process
	# mount ActionCable.server => '/cable'
	end
	module Overrides
	class SessionsController < DeviseTokenAuth::SessionsController
	def create
	# Check
	field = (resource_params.keys.map(&:to_sym) & resource_class.authentication_keys).first

	@resource = nil
	if field
	q_value = resource_params[field]

	if resource_class.case_insensitive_keys.include?(field)
	q_value.downcase!
	end

	q = "#{field.to_s} = ? AND provider='username'"

	if ActiveRecord::Base.connection.adapter_name.downcase.starts_with? 'mysql'
	q = "BINARY " + q
	end

	@resource = resource_class.where(q, q_value).first
	end

	if @resource and valid_params?(field, q_value) and @resource.valid_password?(resource_params[:password]) and ([email protected]_to?(:active_for_authentication?) or @resource.active_for_authentication?)
	# create client id
	@client_id = SecureRandom.urlsafe_base64(nil, false)
	@token = SecureRandom.urlsafe_base64(nil, false)

	@resource.tokens[@client_id] = {
	token: BCrypt::Password.create(@token),
	expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
	}
	@resource.save

	sign_in(:user, @resource, store: false, bypass: false)

	yield if block_given?

	render_create_success
	elsif @resource and not ([email protected]_to?(:active_for_authentication?) or @resource.active_for_authentication?)
	render_create_error_not_confirmed
	else
	render_create_error_bad_credentials
	end
	end
	end
	end