Class: Droom::Api::UsersController

Inherits:

ApiController

• Object
• ApplicationController
• EngineController
• ApiController
• Droom::Api::UsersController

Defined in:

app/controllers/droom/api/users_controller.rb

Instance Method Summary

• #authenticate ⇒ Object

  This is a almost always a preliminary call at the initial auth stage, so the client is not yet setting auth headers.

• #create ⇒ Object
• #deauthenticate ⇒ Object

  deauth is used to achieve single-sign-out.

• #destroy ⇒ Object
• #index ⇒ Object
• #show ⇒ Object
• #update ⇒ Object

Methods inherited from ApiController

#current_ability

Methods inherited from EngineController

#current_ability

Instance Method Details

#authenticate ⇒ Object

This is a almost always a preliminary call at the initial auth stage, so the client is not yet setting auth headers. We look for a token in params too.

# File 'app/controllers/droom/api/users_controller.rb', line 21

def authenticate
  token = params[:tok]
  if @user = Droom::User.find_by(authentication_token: token)
    render json: @user
  else
    head :unauthorized
  end
end

#create ⇒ Object

# File 'app/controllers/droom/api/users_controller.rb', line 49

def create
  if @user && @user.persisted?
    render json: @user
  else
    render json: { errors: @user.errors.to_a }
  end
end

#deauthenticate ⇒ Object

deauth is used to achieve single-sign-out. It changes the auth token and session id so that neither the data room session cookie nor the domain auth cookie can identify a user.

# File 'app/controllers/droom/api/users_controller.rb', line 33

def deauthenticate
  token = params[:tok]
  if @user = Droom::User.find_by(authentication_token: token)
    @user.clear_session_id!
    @user.reset_authentication_token!
    render json: @user
  else
    head :unauthorized
  end
end

#destroy ⇒ Object

# File 'app/controllers/droom/api/users_controller.rb', line 57

def destroy
  @user.destroy
  head :ok
end

#index ⇒ Object

# File 'app/controllers/droom/api/users_controller.rb', line 10

def index
  render json: @users
end

#show ⇒ Object

# File 'app/controllers/droom/api/users_controller.rb', line 14

def show
  render json: @user
end

#update ⇒ Object

# File 'app/controllers/droom/api/users_controller.rb', line 44

def update
  @user.update_attributes(user_params)
  render json: @user
end