i’m trying make android app api made in ruby on rails application. i’m wondering how keep user login information in android application. , once user logged in, device(mobile) can access database ruby application.
in ruby app, user account method implemented devise gem.
when request post email , password, output gathered @ “buffer”. buffer has data ( when user puts correct information – password , email address, output token or “ok” string. ) don't know type of information have keep situation.
after bit lost next step. in rails app, “current_user” stored in session , whenever user navigate website, current_user exists unless logged out.
but i’m here using api , don’t know how android app retain user info here.
the user model in rails has attributes: email, first_name, last_name, etc.
url url = new url("https://www.sitename.com/api/v1/sessions"); httpurlconnection urlconnection = (httpurlconnection) url.openconnection(); urlconnection.connect(); urlconnection.setreadtimeout(10000); urlconnection.setconnecttimeout(15000); urlconnection.setrequestmethod("post"); urlconnection.setdoinput(true); urlconnection.setdooutput(true); string urlparameters = "email=emailaddress@gmail.com&password=123123123"; dataoutputstream dstream = new dataoutputstream(urlconnection.getoutputstream()); dstream.writebytes(urlparameters); dstream.flush(); dstream.close(); inputstream in = urlconnection.getinputstream(); bufferedreader reader = new bufferedreader(new inputstreamreader(in)); stringbuffer buffer = new stringbuffer(); string line = ""; while ((line = reader.readline()) != null) { buffer.append(line).append("\n"); } reader.close(); return buffer.tostring(); //i fill needs done here.
and after that, how can tell ruby application user logged in? type of api have make in situation?
the below ruby method api ( sessions ). access address "/api/v1/sessions".
module beta class currency < grape::api version 'v1', using: :path format :json #if put this, page have json formatted output. rescue_from :all #http://localhost:3000/api/v1/beta/exchange?amount=4.5# #api/v1/+resource name/+method_name error_formatter :json, lambda { |message, backtrace, options, env| { status: 'failed', message: message, error_code: 123 } } resource :sessions desc "authenticate user , return user object / access token" params requires :email, type: string, desc: "user email" requires :password, type: string, desc: "user password" end post email = params[:email] password = params[:password] if email.nil? or password.nil? error!({error_code: 404, error_message: "invalid email or password.type0"},401) return end user = user.where(email: email.downcase).first puts "되고 있나?" if user.nil? error!({error_code: 404, error_message: "invalid email or password.type1"},401) return end if !user.valid_password?(password) error!({error_code: 404, error_message: "invalid email or password.type2"},401) return else #user.ensure_authentication_token #user.save #{status: 'ok', token: user.authentication_token}.to_json {status: 'ok', token: "logged_in#{user.id}#{user.email}"}.to_json end end #curl -h "content-type: application/json" -x post -d '{"email":"ddd@gmail.com,"password":"123123123"}' http://localhost:3000/api/v1/sessions desc "destroy access token" params requires :access_token, type: string, desc: "user access token" end delete ':access_token' access_token = params[:access_token] user = user.where(authentication_token: access_token).first if user.nil? error!({error_code: 404, error_message: "invalid access token."},401) return else user.reset_authentication_token #{status: 'ok'} end end end
..
please give me hunch! i'm looking forward hearing comments experts you! (:
well sessions access cookie on browser , stores 4kb of data. looks api method working in same way rails does. should check rails guides on how sessions work http://guides.rubyonrails.org/security.html#what-are-sessions-questionmark
check section session storage. find out if android application able persist data cookies, if should hypothetically able access through session.
Comments
Post a Comment