Removed Signup, Fixed Base controller authentication

This commit is contained in:
Saurabh Bhatia 2014-02-14 12:20:58 +08:00
parent feb1deba84
commit d8dfc758bf
2 changed files with 11 additions and 7 deletions

View File

@ -1,26 +1,30 @@
module Api module Api
module V1 module V1
class BaseController < ApplicationController class BaseController < ApplicationController
before_filter :restrict_access before_filter :verify_server
respond_to :json respond_to :json
skip_before_filter :verify_authenticity_token skip_before_filter :verify_authenticity_token
def current_resource_owner
User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
end
private private
def authorize_client def authorize_client
verify_client || render_unauthorized verify_client || render_unauthorized
end end
def verify_server
restrict_access || render_server_unauthorized
end
def restrict_access def restrict_access
authenticate_or_request_with_http_token do |token, options| authenticate_or_request_with_http_token do |token, options|
ApiKey.pluck(:access_token).include?(token) ApiKey.pluck(:access_token).include?(token)
end end
end end
def render_server_unauthorized
self.headers['WWW-Authenticate'] = 'Token realm="Application"'
render json: 'Invalid Authorization Token', status: 401
end
def verify_client def verify_client
site_token = request.headers[:HTTP_X_SITETOKEN] site_token = request.headers[:HTTP_X_SITETOKEN]
site_id = request.headers[:HTTP_X_SITEID] site_id = request.headers[:HTTP_X_SITEID]

View File

@ -4,7 +4,7 @@ class User
# Include default devise modules. Others available are: # Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable # :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, devise :database_authenticatable,
:recoverable, :rememberable, :trackable, :validatable, :registerable :recoverable, :rememberable, :trackable, :validatable
## Database authenticatable ## Database authenticatable
field :email, :type => String, :default => "" field :email, :type => String, :default => ""