How do you use cURL to authenticate on a Rails application that uses Devise?

后端 未结 4 763
温柔的废话
温柔的废话 2021-01-31 00:21

I want to test my rails web service using cURL, yet so far I could only do it while deactivating before_filter :authenticate_user!. But I\'d like to log in a priori

相关标签:
4条回答
  • 2021-01-31 00:42

    This works:

    Authenticate:

    curl -H 'Content-Type: application/json' \
      -H 'Accept: application/json' \
      -X POST http://localhost:3000/users/sign_in \
      -d "{'user' : { 'email' : 'test@example.com', 'password' : 'password'}}" \
      -c cookie

    Show:

    curl -H 'Content-Type: application/json' \
      -H 'Accept: application/json' \
      -X GET http://localhost:3000/pages/1.xml \
      -b cookie
    0 讨论(0)
  • 2021-01-31 00:54

    Got the following answer from José Valim:

    If you have an web service, sign in should be done using HTTP Auth. If not, your option is to disable authenticity token on the session form, although not recommended.

    0 讨论(0)
  • 2021-01-31 01:01

    Have you tried something like this (not tested):

    curl --user name:password http://www.domain.com
    curl --user name:password -f 'key=value' http://www.domain.com
    
    0 讨论(0)
  • 2021-01-31 01:03

    This is because Rails by default adds an authenticity token to forms to protect from malicious forgery of submitted parameters. As you do not supply this token with your request, rails does not accept it. You can bypass this with

    skip_before_filter :verify_authenticity_token
    

    in your controller, where authorization takes place, better even to limit it to the authorization action with :only.

    0 讨论(0)
提交回复
热议问题