Using a curl command to login to rails api with devise Using a curl command to login to rails api with devise curl curl

Using a curl command to login to rails api with devise


ruby-on-rails ruby curl devise

Devise is a Rails engine, so it has its own set of controllers which do not inherit from ApplicationController. To make the override work, you need to make controllers in your app that inherit from the devise ones, then tell Devise to use those instead of the default ones. This how-to on the Devise wiki might help.

Having said that, the CSRF protection is there for a reason, and if you disable it, the users logging in via the web browser will no longer be protected, which is a really bad idea. A better way to do this would be to have a proper mechanism for logging in via the API which is different from the web GUI. There is a :token_authenticatable module that will help here, and a good guide to using it here.

However... the Platformatec guys who make Devise have removed :token_authenticatable from the core as they say it is not 100% secure (see this blog post). There is a good Stackoverflow question here explaining the issues and suggesting some better ways to implement things.

Hope that throws some light on things.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last