gpt4 book ai didi

ruby-on-rails - 在 ruby​​ on rails 上创建身份验证 API

转载 作者:数据小太阳 更新时间:2023-10-29 09:00:52 26 4
gpt4 key购买 nike

我正在创建一个基于 unity 引擎的多人游戏,我想使用 Ruby on rails 公开和 api 来注册和验证用户,同时执行登录/注册等常规操作,以及创建房间等我的功能 - 这将作为条目存储在数据库中-

这些简单的操作我希望 api 来处理它,我不只是问一个教程来为用户进行身份验证,我希望有人解释我的 API 机制将如何,我将对用户进行身份验证基于代币,我猜是这样吗?

如果它是正确的,任何人都可以给我一个简单的步骤或对我的案例有用的教程,因为我已经搜索了很多,尤其是当“设计”不再支持身份验证时,据我所知,我不我认为设计不会帮助我登录操作,因为它适用于存在的模型而不是 API。

我希望我已经表达了我的观点,等待你的帮助:)

最佳答案

您可以使用 devisesimple_token_authentication

步骤:

  1. 安装 devise 并使用 devise gem 创建您的可验证模型。

    rails generate devise MODEL
  2. acts_as_token_authenticatable 添加到 MODEL。

    如果要对User(MODEL)进行认证,需要添加如下代码:

    /your_app/app/models/user.rb

    class User < ActiveRecord::Base
    acts_as_token_authenticatable

    # Note: you can include any module you want. If available,
    # token authentication will be performed before any other
    # Devise authentication method.
    #
    # Include default devise modules. Others available are:
    # :confirmable, :lockable, :timeoutable and :omniauthable
    devise :database_authenticatable, :registerable, :confirmable,
    :recoverable, :rememberable, :trackable, :validatable
    end
  3. 添加路由和 Controller

    /your_app/app/controllers/api/base_controller.rb

    class Api::BaseController < ActionController::Base
    self.responder = ApiResponder # Ignore this, just for now.
    respond_to :json
    end

    All your API controllers need to inherit from base controller

    /your_app/app/controllers/api/login_attempts_controller.rb

    class Api::LoginAttemptsController < Api::BaseController
    def create
    respond_with Api::LoginAttempt.new(params[:email], params[:password])
    rescue
    render nothing: true, status: 401
    end
    end

    /your_app/app/models/api/login_attempt.rb

    class Api::LoginAttempt
    include ActiveModel::Serializers::JSON
    attr_accessor :uid, :token

    def initialize(_email, _password)
    user = MobileUser.where(email: _email).first
    raise 'invalid_password' unless user.valid_password? _password
    self.uid = user.email
    self.token = user.authentication_token
    end

    def attributes
    { uid: nil, token: nil }
    end
    end

    You need the LoginAttemptsController (Call it whatever you want) to sign in the user. If the given password and email matches you will get a uid and token to authorize user's future requests.

    /your_app/app/controllers/api/bills_controller.rb

    class Api::BillsController < Api::BaseController
    acts_as_token_authentication_handler_for User

    def show
    respond_with bill
    end

    private

    def bill
    @bill ||= Bill.find(params[:id])
    end
    end

    BillsController it's just a controller to access with an authenticated request. As you can see, you need to add acts_as_token_authentication_handler_for User to protect the controller of unauthorized requests.

    /your_app/config/routes.rb

    Rails.application.routes.draw do
    namespace :api, defaults: { format: :json } do
    resources :login_attempts, only: [:create]
    resources :bills, only: [:show]
    end
    end

流程:

  1. 创建一个 User 实例:User.create!(email: "leandro@example.com")。这将使用 authentication_token: "_-7CtsAxPE5SsdsfzMkY"

    创建一个新用户

    You can create the user using the api. I don't do this here.

  2. 使用用户的电子邮件和密码登录,执行对 /api/login_attemptsPOST 请求。

    enter image description here

  3. 执行授权请求:GET/api/bills/:id 传递 header :

    enter image description here

在这个例子中我使用了:

/your_app/app/serializers/bill_serializer.rb

class BillSerializer < ActiveModel::Serializer
attributes :id, :created_at, :amount
end

关于ruby-on-rails - 在 ruby​​ on rails 上创建身份验证 API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36106337/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com