这是一个使用Mongoid作为ODM的Rails 3.0应用程序。以下是安装设备的用户模型。
class User
include Mongoid::Document
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
field :email
field :username
field :loginable_token
end
我正在构建一个API。因此,对于身份验证,我想通过以下方式验证用户:email和:password。从GUI,它的精细和工作。
现在,我想通过API实现它,所以我创建了一个单独的路由/api_login.json,使用params login
{"username"=>"kapil@gmail.com", "password"=>"sachin", "action"=>"login", "controller"=>"api/v1/accounts", "format"=>"json"}行动
当我尝试在warden.authenticate!(:scope => :user)之前使用sign_in方法进行身份验证时,会因以下回溯而崩溃。
(rdb:1) l
[3, 12] in /Users/sts-151sts-151/Dev/cloudfactory/app/controllers/api/v1/accounts_controller.rb
3 respond_with(@current_account)
4 end
5
6 def login
7 debugger
=> 8 resource = warden.authenticate!(:scope => :user)
9 sign_in(:user, resource)
10 if user == nil
11
12 respond_with(User.account.apps.first)
(rdb:1) p params
{"username"=>"kapil@gmail.com", "password"=>"sachin", "action"=>"login", "controller"=>"api/v1/accounts", "format"=>"json"}
(rdb:1) rs = warden.authenticate!(:scope => :user)
*** Unknown command: "rs = warden.authenticate!(:scope => :user)". Try "help".
(rdb:1) p rs = warden.authenticate!(:scope => :user)
1) /api/v1/lines POST send back the default app
Failure/Error: last_response.status.should eql(200)
expected 200
got 401
(compared using eql?)
# ./spec/api/v1/accounts_spec.rb:46:in `block (3 levels) in <top (required)>'
测试是通过默认的rack-test方式进行的。
验证的正确方法是什么?