I’m trying to make an android app with an api made in Ruby on rails application. I’m wondering how to keep user login information in the android application. And also once the user is logged in, then the device(mobile) can access to a database with Ruby application.
In the Ruby app, the user account method is implemented with a Devise gem.
When I request the post with email and password, the output is gathered at “buffer”. This buffer has data ( when the user puts the correct information – password and email address, the output is a token or “ok” like string. ) But I don't know which type of information I have to keep for this situation.
After this I am a bit lost what to do for the next step. In the Rails app, “current_user” is stored in the session and whenever user navigate the website, this current_user exists unless logged out.
But I’m here using API and I don’t know how Android App retain the user info here.
The user model in Rails has attributes: email, first_name, last_name, etc.
URL url = new URL("https://www.sitename.com/api/v1/sessions");
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.connect();
urlConnection.setReadTimeout(10000);
urlConnection.setConnectTimeout(15000);
urlConnection.setRequestMethod("POST");
urlConnection.setDoInput(true);
urlConnection.setDoOutput(true);
String urlParameters = "[email protected]&password=123123123";
DataOutputStream dStream = new DataOutputStream(urlConnection.getOutputStream());
dStream.writeBytes(urlParameters);
dStream.flush();
dStream.close();
InputStream in = urlConnection.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(in));
StringBuffer buffer = new StringBuffer();
String line = "";
while ((line = reader.readLine()) != null) {
buffer.append(line).append("\n");
}
reader.close();
return buffer.toString();
//I fill something needs to be done here.
And after that, how can we tell to the Ruby Application that the user is logged in? Which type of API I have to make in this situation?
The below is the ruby method for the API ( sessions ). The access address is "/api/v1/sessions".
module Beta
class Currency < Grape::API
version 'v1', using: :path
format :json #if we put like this, this page would have a json formatted output.
rescue_from :all
#http://localhost:3000/api/v1/beta/exchange?amount=4.5#
#api/v1/+resource name/+method_name
error_formatter :json, lambda { |message, backtrace, options, env|
{
status: 'failed',
message: message,
error_code: 123
}
}
resource :sessions do
desc "Authenticate user and return user object / access token"
params do
requires :email, type: String, desc: "User email"
requires :password, type: String, desc: "User Password"
end
post do
email = params[:email]
password = params[:password]
if email.nil? or password.nil?
error!({error_code: 404, error_message: "Invalid Email or Password.type0"},401)
return
end
user = User.where(email: email.downcase).first
puts "되고 있나?"
if user.nil?
error!({error_code: 404, error_message: "Invalid Email or Password.type1"},401)
return
end
if !user.valid_password?(password)
error!({error_code: 404, error_message: "Invalid Email or Password.type2"},401)
return
else
#user.ensure_authentication_token
#user.save
#{status: 'ok', token: user.authentication_token}.to_json
{status: 'ok', token: "logged_in#{user.id}#{user.email}"}.to_json
end
end
#curl -H "Content-Type: application/json" -X POST -d '{"email":"[email protected],"password":"123123123"}' http://localhost:3000/api/v1/sessions
desc "Destroy the access token"
params do
requires :access_token, type: String, desc: "User Access Token"
end
delete ':access_token' do
access_token = params[:access_token]
user = User.where(authentication_token: access_token).first
if user.nil?
error!({error_code: 404, error_message: "Invalid access token."},401)
return
else
user.reset_authentication_token
#{status: 'ok'}
end
end
end
..
Please give me any hunch! I'm so looking forward to hearing any comments from the experts like you! (:
