I'm setting up an API endpoint for a create action, and then posting to it from another application to create a db record.
But data posted to the endpoint is being ignored when creating a record.
In the below code, Application 1 is using a rake task to post to Application 2.
Application 1
task post_this: :environment do
require 'rest-client'
p RestClient.post "site.io/api/v1/users", {:first_name => "Long", :last_name => "John Silver", :email => "1@example.com"}
end
Application 2
Schema
create_table "users", force: :cascade do |t|
t.string "first_name"
t.string "last_name"
t.string "email"
t.string "password"
t.string "password_confirmation"
t.string "temp_password"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
end
UsersController
def create
@user = User.new(params[:user])
@user.temp_password = Devise.friendly_token
respond_to do |format|
if @user.save
format.json { render json: @user, status: :created }
format.xml { render xml: @user, status: :created }
else
format.json { render json: @user.errors, status: :unprocessable_entity }
format.xml { render json: @user.errors, status: :unprocessable_entity }
end
end
end
Routes
namespace :api do
namespace :v1 do
resources :users, :defaults => { :format => 'xml' }
end
end
Response in Application 1 making request
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>\n <id type=\"integer\">6</id>\n <first-name nil=\"true\"/>\n <last-name nil=\"true\"/>\n <email nil=\"true\"/>\n <password nil=\"true\"/>\n <password-confirmation nil=\"true\"/>\n <temp-password>BzXXpW4wCM5ydhpYxzMg</temp-password>\n <created-at type=\"dateTime\">2016-05-27T09:14:32Z</created-at>\n <updated-at type=\"dateTime\">2016-05-27T09:14:32Z</updated-at>\n</user>\n"
Application 2 Heroku logs
Parameters: {"first_name"=>"Long", "last_name"=>"John Silver", "email"=>"1@example.com"}
Started POST "/api/v1/users" for 104.155.210.3 at 2016-05-27 09:14:32 +0000
(1.0ms) BEGIN2016-05-SQL (1.3ms) INSERT INTO "users" ("temp_password", "created_at", "updated_at") VALUES ($1, $2, $3) RETURNING "id" [["temp_password", "BzXXpW4wCM5ydhpYxzMg"], ["created_at", "2016-05-27 09:14:32.759178"], ["updated_at", "2016-05-27 09:14:32.759178"]]
Can't verify CSRF token authenticity
(2.0ms) COMMIT
Completed 201 Created in 43ms (Views: 16.1ms | ActiveRecord: 12.7ms)
A record is being created but most of the columns are nil.
I'm just learning how to setup API endpoints so any help would be greatly appreciated!
In your users_controller.rb after your actions add:
private
def user_params
params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :temp_password)
end
and update your new action to use user_params instead of params[:user] like so:
@user = User.new(user_params)