CODEWITHSUNDEEP
ruby-on-railsbasic-authentication
beastlyCoder
beastlyCoder

Reputation: 2401

Basic Authentication Rails

I am trying to accomplish a way using 

http_basic_authenticate_with name: "admin", password: "secret"

To have a user's email and password used for authentication instead of having a hardcoded password. Here is what the rest of my controller class looks like.

class Api::V1::UserInfosController < ApplicationController
  before_action :set_user_info, only: [:show, :edit, :update, :destroy]
  http_basic_authenticate_with name: "admin", password: "secret"

  # GET /user_infos
  def index
    @user_infos = UserInfo.all
  end

  respond_to :json

  def show
    respond_with UserInfo.find(params[:id])
  end

  # GET /user_infos/new
  def new
    @user_info = UserInfo.new
  end

  # GET /user_infos/1/edit
  def edit
  end

  # POST /user_infos
  def create
    @user_info = UserInfo.new(user_info_params)

    if @user_info.save
      redirect_to @user_info, notice: 'User info was successfully created.'
    else
      render :new
    end
  end

  # PATCH/PUT /user_infos/1
  def update
    if @user_info.update(user_info_params)
      redirect_to @user_info, notice: 'User info was successfully updated.'
    else
      render :edit
    end
  end

  # DELETE /user_infos/1
  def destroy
    @user_info.destroy
    redirect_to user_infos_url, notice: 'User info was successfully destroyed.'
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_user_info
      @user_info = UserInfo.find(params[:id])
    end

    # Only allow a trusted parameter "white list" through.
    def user_info_params
      params.require(:user_info).permit(:artist, :email, :password)
    end
end

Any help at all will be greatly appreciated! :)

Upvotes: 0

Views: 104

Answers (1)

Everton
Everton

Reputation: 125

I'd recommend that you use Devise gem for authentication. It's easy to use and has a huge community for support.

However, answering your question, what you could do is follow the example in the ActionController::HttpAuthentication::Basic documentation and achieve something like this:

class Api::V1::UserInfosController < ApplicationController
  before_filter :set_current_user

  private

  def set_current_user
    @current_user ||= authenticate_or_request_with_http_basic do |u, p|
      User.find(email: u, password: p)
    end
  end
end

Where User is the model of your authorized users.

Upvotes: 3

Related Questions