我正在按照本教程创建令牌身份验证:tutorial
以下是教程中的控制器代码。
API 的会话控制器:
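# Issues and revokes API auth tokens: `create` logs a user in with an
# email/password pair, `destroy` logs the current token holder out.
class Api::SessionsController < Api::BaseController
  # Logging in is the one action that cannot require an existing token.
  skip_before_action :require_login!, only: [:create]

  # Exchanges `params[:email]` / `params[:password]` for an auth token.
  #
  # Renders JSON `{ auth_token: ... }` when the password checks out, otherwise
  # the generic 401 body from `invalid_login_attempt`.
  #
  # NOTE(review): no throttling or lockout of failed attempts is visible in
  # this controller; confirm it is enforced elsewhere (e.g. Devise :lockable
  # or a Rack-level rate limit) before exposing this endpoint.
  def create
    resource = User.find_for_database_authentication(email: params[:email])
    # An unknown email falls through to the same password check on a blank
    # User, so both failure cases end in the same generic error response
    # (presumably `valid_password?` is false for an unsaved user; verify).
    resource ||= User.new

    if resource.valid_password?(params[:password])
      auth_token = resource.generate_auth_token
      render json: { auth_token: auth_token }
    else
      invalid_login_attempt
    end
  end

  # Invalidates the caller's token and answers with an empty 200.
  #
  # `require_login!` is not skipped for this action, so a request only gets
  # here after token authentication has succeeded.
  def destroy
    # `current_user` is the accessor the base controller defines; nothing
    # visible defines a `current_person`.
    current_user.invalidate_auth_token
    head :ok
  end

  private

  # Renders one error message for every failed login, so the response body
  # does not reveal whether the email or the password was wrong.
  def invalid_login_attempt
    render json: { errors: [{ detail: 'Error with your login or password' }] }, status: 401
  end
end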
API的基本控制器:
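# Base class for API controllers: every action requires a valid HTTP token
# unless a subclass skips `require_login!`.
class Api::BaseController < ActionController::Base
  before_action :require_login!
  # Expose only methods this class actually defines to the views.
  helper_method :user_signed_in?, :current_user

  # @return [Boolean] whether the request carried a token that maps to a user
  def user_signed_in?
    current_user.present?
  end

  # before_action guard: lets the request continue when a user was resolved
  # from the token, otherwise renders a JSON 401 (rendering halts the chain).
  def require_login!
    # Goes through the memoized accessor so the token lookup is not repeated
    # when the action later calls `current_user`.
    return true if current_user

    render json: { errors: [{ detail: 'Access Denied' }] }, status: 401
  end

  # The user resolved from the request's token, memoized for the request.
  # A failed lookup (nil) is not cached, so it is retried on the next call.
  def current_user
    @_current_user ||= authenticate_token
  end

  private

  # Resolves the HTTP token from the Authorization header to a User, or a
  # falsy value when the token matches no user.
  #
  # NOTE(review): the token is looked up as-is in `auth_token`, which implies
  # it is stored in plaintext and matched by the database. Consider storing
  # only a digest of the token and comparing with
  # ActiveSupport::SecurityUtils.secure_compare, so a database leak does not
  # hand out usable tokens and the comparison is constant-time. No token
  # expiry is visible here either; confirm where that is enforced.
  def authenticate_token
    authenticate_with_http_token do |token, _options|
      User.find_by(auth_token: token)
    end
  end
end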
我该如何测试这些方法?具体来说,对于 create 方法,我应该从哪里发送参数?任何见解都会很棒,谢谢!