Last active
March 11, 2016 16:23
-
-
Save sescobb27/5ce40acada340ab6377c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module API | |
| module V1 | |
| class ClientsController < API::BaseController | |
| # Common logic for User Authentication (create, login, me, logout) | |
| include UserAuth | |
| end | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module UserAuth | |
| include UserConcern | |
| extend ActiveSupport::Concern | |
| included do | |
| prepend_before_action :authenticate!, except: [:login, :create] | |
| end | |
| # POST /api/v1/{resource}/login | |
| def login | |
| safe_params = safe_auth_params | |
| begin | |
| user = resource_model.find_by(username: safe_params[:username]) | |
| rescue ActiveRecord::RecordNotFound | |
| return render nothing: true, status: :bad_request | |
| end | |
| if !user.nil? && user.valid_password?(safe_params[:password]) | |
| token = authenticate_user user | |
| user.tokens << token | |
| render json: { token: token }, status: :ok if user.save | |
| else | |
| render nothing: true, status: :bad_request | |
| end | |
| end | |
| # POST /api/v1/{resource}/logout | |
| def logout | |
| token = auth_token | |
| begin | |
| user = resource_model.find(@current_user_credentials[:id]) | |
| user.tokens.delete token | |
| user.save | |
| rescue ActiveRecord::RecordNotFound | |
| return render nothing: true, status: :unauthorized | |
| end | |
| render nothing: true, status: :ok | |
| end | |
| # GET /api/v1/{resource}/me | |
| def me | |
| # Customer.where('id = :id AND :token = ANY (tokens)', | |
| # id: @current_user_credentials[:id], | |
| # token: auth_token | |
| # ) | |
| user = resource_model | |
| .where(':token = ANY (tokens)', token: auth_token) | |
| .find @current_user_credentials[:id] | |
| return render json: user, status: :ok | |
| rescue ActiveRecord::RecordNotFound | |
| return render nothing: true, status: :unauthorized | |
| end | |
| # POST /api/v1/{resource} | |
| def create | |
| user = resource_model.new(safe_auth_params) | |
| token = authenticate_user user | |
| user.tokens << token | |
| if user.save | |
| token = authenticate_user user | |
| render json: { token: token }, status: :ok | |
| else | |
| render json: { | |
| errors: user.errors.full_messages | |
| }, status: :bad_request | |
| end | |
| end | |
| def safe_user_auth_params | |
| %i(username email password) | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module UserConcern | |
| extend ActiveSupport::Concern | |
| def resource | |
| # > 'API::V1::UsersController'.demodulize | |
| # .underscore | |
| # .sub(/_controller$/, '') | |
| # 'users' | |
| self.class.to_s.demodulize.underscore.sub(/_controller$/, '') | |
| end | |
| def resource_name | |
| # > 'API::V1::UsersController'.demodulize | |
| # .underscore | |
| # .sub(/_controller$/, '') | |
| # .singularize | |
| # 'user' | |
| resource.singularize | |
| end | |
| def resource_model | |
| # > 'API::V1::UsersController'.demodulize | |
| # .underscore | |
| # .sub(/_controller$/, '') | |
| # .classify | |
| # .constantize | |
| # class User < Object { | |
| # :id => :"bson/object_id", | |
| # :_type => :string, | |
| # :confirmation_sent_at => :time, | |
| # :confirmation_token => :object, | |
| # :confirmed_at => :time, | |
| # :created_at => :time, | |
| # :deleted_at => :time, | |
| # :email => :object, | |
| # :encrypted_password => :object, | |
| # :reset_password_sent_at => :time, | |
| # :reset_password_token => :object, | |
| # :token => :array, | |
| # :username => :object | |
| # } | |
| resource.classify.constantize | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment