Ruby on Rails

Override Devise Auth Token Controllers

Ashish Jajoria
, , , , , ,

For authentication and token management at backend in Ruby On Rails we use devise-token-auth.

Sometimes we need to update some of the following default behaviours:-

  • Registration(via facebook, twitter, mobile, email etc.)
  • Password reset flow(email reset link OR OTP based)
  • We would like to add or remove some fields from the signin API.
    etc

Configutation:-

Use devise-token-auth-guide to setup your devise configuration.

After configuration, your routes.rb would look like this:

1
2
# config/routes.rb
mount_devise_token_auth_for 'User', at: 'auth'

Overriding:-

  • Create a package named overrides, in cotrollers package.
  • For overriding RegistrationsController used for signup flow, add registrations_controller.rb to the package we just created and extent the RegistrationsController by DeviseTokenAuth::RegistrationsController.
1
2
3
4
5
module Overrides
 class RegistrationsController < DeviseTokenAuth::RegistrationsController
  ...
 end
end
  • Now write the create method yourself for your custom parameters you want to use while signing up a user with custom conditions and if there is any condition when you don’t want to handle, then just call super and the default signup flow will work for that case.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
module Overrides
 class RegistrationsController < DeviseTokenAuth::RegistrationsController
  def create

   ... #Your custom conditions and handling

   @resource = User.new(email: email) #This may vary based on your params and conditions you want
   @resource.name = params[:name]
   @resource.password = params[:password]

   unless @resource.save
    render json: { message: @resource.errors.full_messages.join(', ') }, status: :bad_request
    return
   end

   @token = @resource.create_token
   @resource.save

   update_auth_header
   render_create_success
  end
 end
end
  • Now Update your routes.rb
1
2
3
mount_devise_token_auth_for 'User', at: 'auth', controllers: {
 registrations: 'overrides/registrations'
}

Likewise we can override following controllers:-

  • ConfirmationsController
  • PasswordsController
  • OmniauthCallbacksController
  • SessionsController
  • TokenValidationsController
     

References:-

  1. devise_token_auth gem
  2. Devise Token Auth Guide
Share

NAYAN (Partner's offices)

Gulf Business Machines (UCMC LLC.)
Emarat Atrium Building, Wing B, 3rd Floor
Opposite Holiday Inn (Al Safa)
Sheikh Zayed Road, PO Box 9226, Dubai, UAE

Our Goal: Stewarding and Monitoring all roadways, on demand

© 2019 NAYAN All Rights Reserved