PhoneGap Mobile Rails 身份验证(设计?从头开始身份验证?) [英] PhoneGap Mobile Rails Authentication (devise? authentication from scratch?)

问题描述

我有一个带有 Rails 后端的 PhoneGap 应用程序.我正在尝试找出使用 json 从移动应用程序验证用户的最佳方法.

I have a PhoneGap app with a Rails backend. I'm trying to figure out what the best way is to authenticate a user from the mobile app using json.

我目前正在使用设计，但我不必使用它.修改设计以在 Phonegap 中使用移动应用程序的最简单方法是什么?

I am using devise currently, but I don't have to use that. What would be the most simple way to modify devise to work with a mobile app in Phonegap?

我知道有很多关于这个的帖子......但是，其中一些已经过时或看起来非常复杂.希望可以从一些久经考验的项目或教程中获得更多最新信息.

I know there are quite a few posts on this... but, some of them are outdated or seem like very complex hacks. Hoping there may be more up to date info from some tried and tested projects, or tutorials.

我发现的一篇帖子也建议使用 jsonp，但这似乎也是一个非常复杂的 hack.你可以在这里找到它:http://vimeo.com/18763953

One post I found also suggests using jsonp, but it also seemed like a pretty complex hack. You can find it here: http://vimeo.com/18763953

我还想知道我是否最好从头开始进行身份验证，如本 Railscast 中所述:http://railscasts.com/episodes/250-authentication-from-scratch

I'm also wondering if I would just be better off starting out with authentication from scratch, as laid out in this Railscast: http://railscasts.com/episodes/250-authentication-from-scratch

谢谢！

推荐答案

你应该覆盖 devise 的 会话 和注册控制器.我只会向您展示如何覆盖会话控制器:

You should override devise's sessions and registrations controller. I'll only show you how to override the sessions controller:

首先，转到您的 User 模型并添加 Token Authenticatable 模块.像这样:

First, go to your User model and add the Token Authenticatable module. Something like this:

devise :token_authenticatable

before_save :ensure_authentication_token

然后编辑您的 devise.rb 文件以配置该模块:

Then edit your devise.rb file to configure that module:

# You can skip storage for :http_auth and :token_auth by adding those symbols to the array below.
config.skip_session_storage = [:token_auth]

# Defines name of the authentication token params key
config.token_authentication_key = :auth_token

现在编辑您的路线并指向您的新控制器:

Now edit your routes and point to your new controllers:

devise_for :users, :controllers => { :registrations => 'registrations', :sessions => 'sessions' }

然后像这样创建你的控制器:

And then create your controller like this:

class SessionsController < Devise::SessionsController
  def create
    respond_to do |format|
      format.html {
        super
      }
      format.json {
        build_resource
        user = User.find_for_database_authentication(:email => params[:user][:email])
        return invalid_login_attempt unless resource

        if user.valid_password?(params[:user][:password])
          render :json => { :auth_token => user.authentication_token }, success: true, status: :created
        else
          invalid_login_attempt
        end
      }
    end
  end

  def destroy
    respond_to do |format|
      format.html {
        super
      }
      format.json {
        user = User.find_by_authentication_token(params[:auth_token])
        if user
          user.reset_authentication_token!
          render :json => { :message => 'Session deleted.' }, :success => true, :status => 204
        else
          render :json => { :message => 'Invalid token.' }, :status => 404
        end
      }
    end
  end

  protected
  def invalid_login_attempt
    warden.custom_failure!
    render json: { success: false, message: 'Error with your login or password' }, status: 401
  end
end

Devise 有一个关于这个的页面，但它只指向一些已经过时的指南.但也许它会帮助你.

Devise has a page about this, but it only points to some already outdated guides. But maybe it will help you.

这篇关于PhoneGap Mobile Rails 身份验证(设计?从头开始身份验证?)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！