Search code examples
iphoneruby-on-railscurldevisebasic-authentication

How to format a POST to create User with Basic HTTP Auth and Devise Rails Gem

I'm a newb when it comes to this authenticaion business. So I've been searching for a while, and couldn't find any straight-forward solutions:

I've got a Rails back end using the Devise gem for user auth, and an iPhone front end. I need to know how to create a user from the iPhone.

I've got resources wrt how to create an asynchronous post, but I need to understand the general concept of HTTP authentication a bit better--if I were to, say, use Curl to create a post that would create a User utilizing basic HTTP authentication, what would be the curl command I'd send to 'www.example.com/createuser' to do so?

For this example's sake, my Rails app's user model attributes are email and password.

Thanks a million in advance for any advice/links to resources. I very much appreciate it!

Best, Jared

Solution

  • Basically this is just a matter of POSTing the proper data to the user creation route (run rake routes to see all the routes that devise creates for you once you have it properly installed). For example, I did this with one of my apps (using command line curl):

    curl -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"user\":{\"email\":\"[email protected]\", \"password\":\"super_secret_pass\", \"password_confirmation\":\"super_secret_pass\"}}" http://jared-dev/users

    ..and I get back:

    {"status":"signed_in"}

    ..and just to confirm it worked:

    irb(main):001:0> User.find_by_email('[email protected]')
=> #<User id: 2, email: "[email protected]", encrypted_password: "$2a$10$QMBAcpKjUwoC.pcRYt88a.vA0oq58jx0lagbgY298wjf...", password_salt: "$2a$10$QMBAcpKjUwoC.pcRYt88a.", reset_password_token: nil, remember_token: nil, remember_created_at: nil, sign_in_count: 1, current_sign_in_at: "2011-03-15 19:49:47", last_sign_in_at: "2011-03-15 19:49:47", current_sign_in_ip: "127.0.1.1", last_sign_in_ip: "127.0.1.1", authentication_token: "yW37HrKUigwvSEDmXaB4", created_at: "2011-03-15 19:49:47", updated_at: "2011-03-15 19:49:47">

    In this example, I'm posting JSON data because I think it's easier to read, but you can get curl to do standard formdata as well. I had to modify my application controller to support JSON for auth, according to this post.

    These command line options correspond to CURLOPT_HTTPHEADER, CURLOPT_POST, and CURLOPT_POSTFIELDS set via curl_easy_setopt when using the libcurl easy interface.

    Hope that helps.