PhoneGap Mobile Rails身份验证（从头开始设计？ [英] PhoneGap Mobile Rails Authentication (devise? authentication from scratch?)

问题描述

我有一个PhoneGap应用程序与Rails后端。我试图找出最好的方法是使用json从移动应用程序验证用户。

我目前使用devise，但我不必使用。什么是最简单的方法来修改设计以使用Phonegap中的移动应用程序？

我知道有很多帖子在这...但是，其中一些是过时的，或者看起来像非常复杂的黑客。希望有一些经过试验和测试的项目或教程更新的最新信息。

我发现一个帖子也建议使用jsonp，但它也似乎是一个非常复杂的黑客。您可以在这里找到它： http://vimeo.com/18763953

我也想知道，如果我从头开始使用身份验证，就像这个Railscast中所述： http://railscasts.com/episodes/250-authentication-from-scratch

谢谢！ p>

解决方案

您应该覆盖devise的会话和注册控制器。我将只显示如何覆盖会话控制器：

首先，转到您的用户模型并添加令牌认证模块。像这样：

  devise：token_authenticatable 
 
 before_save：ensure_authentication_token 
  

然后编辑devise.rb文件以配置该模块：

 ＃您可以通过将以下符号添加到以下数组来跳过以下内容的存储：http_auth和：token_auth。 
 config.skip_session_storage = [：token_auth] 
 
＃定义身份验证令牌的名称params key 
 config.token_authentication_key =：auth_token 
  
 
 
 
现在编辑您的路线并指向您的新控制器：
  devise_for：users，：controllers => {：registrations => 'registrations'，：sessions => 'sessions'} 
  
然后按如下所示创建控制器：
  class SessionsController< Devise :: SessionsController 
 def create 
 respond_to do | format | 
 format.html {
 super 
} 
 format.json {
 build_resource 
 user = User.find_for_database_authentication（：email => params [：user ] 
 return invalid_login_attempt除非资源
 
如果user.valid_password？（params [：user] [：password]）
 render：json => {：auth_token => user.authentication_token}，success：true，status：：created 
 else 
 invalid_login_attempt 
 end 
} 
 end 
 end 
 $ b b def destroy 
 respond_to do | format | 
 format.html {
 super 
} 
 format.json {
 user = User.find_by_authentication_token（params [：auth_token]）
如果用户
 user.reset_authentication_token！ 
 render：json => {：message => 'session deleted。'}，：success => true，：status => 204 
 else 
 render：json => {：message => 令牌无效。}，：status => 404 
 end 
} 
 end 
 end 
 
 protected 
 def invalid_login_attempt 
 warden.custom_failure！ 
 render json：{success：false，message：'登录或密码错误}}，状态：401 
 end 
 end 
  pre> 
 
 
设计有一个关于此的页面，但它只指向一些已经过时的指南。但也许它会帮助你。
 
I have a PhoneGap app with a Rails backend. I'm trying to figure out what the best way is to authenticate a user from the mobile app using json.

I am using devise currently, but I don't have to use that. What would be the most simple way to modify devise to work with a mobile app in Phonegap? 

I know there are quite a few posts on this... but, some of them are outdated or seem like very complex hacks. Hoping there may be more up to date info from some tried and tested projects, or tutorials. 

One post I found also suggests using jsonp, but it also seemed like a pretty complex hack. You can find it here: http://vimeo.com/18763953

I'm also wondering if I would just be better off starting out with authentication from scratch, as laid out in this Railscast: http://railscasts.com/episodes/250-authentication-from-scratch

Thanks!
解决方案
You should override devise's sessions and registrations controller. I'll only show you how to override the sessions controller:

First, go to your User model and add the Token Authenticatable module. Something like this:
devise :token_authenticatable

before_save :ensure_authentication_token
Then edit your devise.rb file to configure that module:
# You can skip storage for :http_auth and :token_auth by adding those symbols to the array below.
config.skip_session_storage = [:token_auth]

# Defines name of the authentication token params key
config.token_authentication_key = :auth_token
Now edit your routes and point to your new controllers:
devise_for :users, :controllers => { :registrations => 'registrations', :sessions => 'sessions' }
And then create your controller like this:
class SessionsController < Devise::SessionsController
  def create
    respond_to do |format|
      format.html {
        super
      }
      format.json {
        build_resource
        user = User.find_for_database_authentication(:email => params[:user][:email])
        return invalid_login_attempt unless resource

        if user.valid_password?(params[:user][:password])
          render :json => { :auth_token => user.authentication_token }, success: true, status: :created
        else
          invalid_login_attempt
        end
      }
    end
  end

  def destroy
    respond_to do |format|
      format.html {
        super
      }
      format.json {
        user = User.find_by_authentication_token(params[:auth_token])
        if user
          user.reset_authentication_token!
          render :json => { :message => 'Session deleted.' }, :success => true, :status => 204
        else
          render :json => { :message => 'Invalid token.' }, :status => 404
        end
      }
    end
  end

  protected
  def invalid_login_attempt
    warden.custom_failure!
    render json: { success: false, message: 'Error with your login or password' }, status: 401
  end
end
Devise has a page about this, but it only points to some already outdated guides. But maybe it will help you.

                        
这篇关于PhoneGap Mobile Rails身份验证（从头开始设计？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！