Devise API Authentication

How do I authenticate using Devise in a Rails REST API App?

After getting a few tips, I found a number of great sites. There are several ways to do this, however I don't know which one is best, but these sites help a long way:

• https://github.com/lynndylanhurley/devise_token_auth (An extension to
  Devise)
• https://labs.kollegorna.se/blog/2015/04/build-an-api-now/
  (Manual way)
• Token based authentication for Rails JSON APIs (SO Question)
• Rails API : Best way to implement authentication? (SO Question)
• Rails API : Best way to implement authentication?

Devise API authentication

There is a devise configuration called :token_authenticatable. So if you add that to the devise method in your "user", then you can authenticate in your API just by calling

"/api/v1/recipes?qs=sweet&auth_token=[@user.auth_token]"

You'll probably want this in your user as well:

before_save :ensure_authentication_token

UPDATE (with API authorization code)

The method you're looking for are:

resource = User.find_for_database_authentication(:login=>params[:user_login][:login])
resource.valid_password?(params[:user_login][:password])

here's my gist with a full scale JSON/API login with devise

Common Devise login for web and api

@Lovish Choudhary I found you sent request for sign up with

http://localhost:3000/api/users/sign_in URL.

But you defined that your registration route with api/registrations

Problem occurred as you have multiple devise routeing in your route file.

Is their an authentication library similar to Devise that supports API only rails applications but also refresh tokens?

I've decided to roll my own solution. I've created a new gem called devise_jwt_auth that is essentially a JWT-based, access/silent refresh solution ported from Devise Token Auth. At this stage it isn't a mature solution but I welcome any contributors who would like to help. You can find the project here and its been published through rubygems.org so you can gem install devise_jwt_auth and use it.

---

Related Topics