Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class Api::V1::SessionsController < ApplicationController
- def create
- # Gather params
- user_password = params[:session][:password] if params[:session]
- user_email = params[:session][:email] if params[:session]
- # Validations
- if request.format != :json
- render status: 406, json: { errors: 'The request must be made in JSON.' }
- return
- end
- if user_email.nil? or user_password.nil?
- render status: 400, json: { errors: 'The request MUST contain the user email and password.' }
- return
- end
- # Authentication
- user = User.find_by(email: user_email)
- if user
- if user.valid_password?(user_password)
- sign_in user, store: false
- user.reset_authentication_token!
- render status: 200, json: user, serializer: SessionSerializer, root: :user
- else
- render status: 401, json: { errors: 'Invalid email or password.' }
- end
- else
- render status: 401, json: { errors: 'Invalid email or password.' }
- end
- end
- def destroy
- user = User.find_by(auth_token: params[:id])
- user.generate_authentication_token!
- user.save
- head 204
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
