I am trying to register a user via JSON api. Here I have a uniqueness validation on email.
The problem is whenever an existing user registers with his/her existing email and incorrect password(different from what it is in their existing account) in sign up page of android app, it gives a 401 unauthorized error instead of 403 as I am expecting here.
From devise docs, I have come to know that devise tries to authenticate every request for the particular model. In my case it does not proceed further if this authentication fails for registration. I want to return a 403 error here.
Is there a workaround for this?? TIA.
I have overridden the devise registrations controller for registrations from android app like this:
class Api::V1::RegistrationsController < Devise::RegistrationsController
skip_before_filter :verify_authenticity_token,
:if => Proc.new { |c| c.request.format == 'application/json' }
respond_to :json
def create
resource = build_resource(sign_up_params)
if resource.save
render :status => 200,
:json => { :success => true,
:info => "Successfully registered. A confirmation email has been sent.Please confirm it before you login!",
:data => {:id => resource.id}
}
else
render :status => 403,
:json => { :success => false,
:info => resource.errors,
:data => {} }
end
end
end
My routes file reads something like:
devise_for :users
.
.
.
.
namespace :api do
namespace :v1 do
devise_scope :user do
post 'confirmations/reconfirm' => 'confirmations#send_confirmation_mail'
post 'registrations' => 'registrations#create', :as => 'register'
put 'passwords' => 'passwords#update'
post 'sessions' => 'sessions#create', :as => 'login'
delete 'sessions' => 'sessions#destroy', :as => 'logout'
end
end
end
.
.
.
Other routes here
.
.
.
Aucun commentaire:
Enregistrer un commentaire