For authentication and token management at backend in Ruby On Rails we use devise-token-auth.
Sometimes we need to update some of the following default behaviours:-
- Registration(via facebook, twitter, mobile, email etc.)
- Password reset flow(email reset link OR OTP based)
- We would like to add or remove some fields from the signin API.
etc
Configutation:-
Use devise-token-auth-guide to setup your devise configuration.
After configuration, your routes.rb would look like this:
1 | # config/routes.rb |
Overriding:-
- Create a package named
overrides
, in cotrollers package. - For overriding RegistrationsController used for signup flow, add
registrations_controller.rb
to the package we just created and extent the RegistrationsController byDeviseTokenAuth::RegistrationsController
.
1 | module Overrides |
- Now write the
create
method yourself for your custom parameters you want to use while signing up a user with custom conditions and if there is any condition when you don’t want to handle, then just call super and the default signup flow will work for that case.
1 | module Overrides |
- Now Update your routes.rb
1 | mount_devise_token_auth_for 'User', at: 'auth', controllers: { |
Likewise we can override following controllers:-
- ConfirmationsController
- PasswordsController
- OmniauthCallbacksController
- SessionsController
- TokenValidationsController
References:-
- devise_token_auth gem
- Devise Token Auth Guide
Some good reads you may like:-
p.s. Nayan is a platform that offers high precision services for traffic monitoring and road safety. Check out our website