如何使用邮递员请求受设计保护的API? [英] How to use postman to request an API that is protected with devise?
问题描述
我有一个使用devise的rails应用程序,开始时只是使用rails。现在,我使用gem react-rails添加一些react ..简而言之,我有一个这样的API控制器
I have a rails app using devise, in the beggining it was just using rails. Now i am adding some react using the gem react-rails.. To make the story short i have an API controller like this
class Api::CustomersController < ApplicationController
skip_before_action :verify_authenticity_token
before_action :authenticate_user!
def index
customers = Customer.all
render json: customers, status: :ok
end ....
,我想使用POSTMAN访问该信息或测试我的API。当然,当我尝试该应用程序时,只需将我重定向到登录页面,因为现在,问题是:我可以使用邮递员访问该API URL吗?怎么样?
and i want to access that info or test my API using POSTMAN.. Of course when i try the app just redirect me to the login page because of the "before_action :authenticate_user!".. Now the question is: Can i access to that API URL using postman? how?
预先感谢
推荐答案
这与<主要是code> devise 。
您需要生成 auth_token
为每个用户
(当然,还要为其创建唯一的数据库迁移),并使用 Authorization
对用户进行身份验证
You'll need to generate an auth_token
for each user
(and of course, create a db migration for it with uniqueness) and authenticate your user using Authorization
header.
否则,您可以从以下位置检查 devise
令牌解决方案: https://github.com/plataformatec/devise/wiki/操作方法:-简单令牌身份验证示例
Otherwise, you can check the devise
tokens solutions from here: https://github.com/plataformatec/devise/wiki/How-To:-Simple-Token-Authentication-Example
这篇关于如何使用邮递员请求受设计保护的API?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!