Class: DeviseTokenAuth::SessionsController

Inherits:

Devise::SessionsController

• Object
• Devise::SessionsController
• DeviseTokenAuth::SessionsController

Includes:

Devise::Controllers::Helpers, Concerns::SetUserByToken

Defined in:

app/controllers/devise_token_auth/sessions_controller.rb

Instance Method Summary

• #create ⇒ Object
• #destroy ⇒ Object
• #resource_params ⇒ Object
• #valid_params? ⇒ Boolean

Instance Method Details

#create ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 10

def create
  @user = User.find_by_email(resource_params[:email])

  if @user and valid_params? and @user.valid_password?(resource_params[:password]) and @user.confirmed?
    # create client id
    @client_id = SecureRandom.urlsafe_base64(nil, false)
    @token     = SecureRandom.urlsafe_base64(nil, false)

    @user.tokens[@client_id] = {
      token: BCrypt::Password.create(@token),
      expiry: Time.now + 2.weeks
    }
    @user.save

    render json: {
      success: true,
      data: @user.as_json
    }

  elsif @user and not @user.confirmed?
    render json: {
      success: false,
      errors: [
        "A confirmation email was sent to your account at #{@user.email}. "+
        "You must follow the instructions in the email before your account "+
        "can be activated"
      ]
    }, status: 401

  else
    render json: {
      success: false,
      errors: ["Invalid login credentials. Please try again."]
    }, status: 401
  end
end

#destroy ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 47

def destroy
  sign_out(resource_name)

  render json: {
    success:true
  }
end

#resource_params ⇒ Object

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 59

def resource_params
  params.permit(:email, :password)
end

#valid_params? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/controllers/devise_token_auth/sessions_controller.rb', line 55

def valid_params?
  resource_params[:password] && resource_params[:email]
end