JWT only api endpoints and custom responses

36 views
Skip to first unread message

Bruno Aníbal Prieto González

unread,
May 4, 2021, 10:21:15 PMMay 4
to Rodauth
Hello!
I hope you are well.
I have 2 questions, sorry if they are very basic, I am just starting in Rails recently. I need to have an api in rails with authentication, I followed the steps that are in the documentation and I think it already works, but I don't know what are the parameters that I should put to the routes. Can I find that somewhere?
For example, I was trying something like this, but it doesn't work:

Content-Type: application/json

{
    "account": {
        "email": "bruno...@gmail.com",
        "password": "Bb01pqña"
    }
}

I would also like to know if there is a way to respond with additional user information when logging in, such as name, etc.

I am currently using Doorkeeper, I would like to switch to Rodauth, but I can't find a way to do those 2 things.

Thank you very much in advance

Jeremy Evans

unread,
May 4, 2021, 11:03:09 PMMay 4
to rod...@googlegroups.com
You want email and password without wrapping it in account.  Can you try that?

Thanks,
Jeremy

Bruno Aníbal Prieto González

unread,
May 4, 2021, 11:14:46 PMMay 4
to Rodauth
Thank you very much for your response. I tried that but it didn't work, I did this:

Content-Type: application/json

{
    "email": "bruno...@gmail.com",
    "password": "Bb01pqña"
}

And I get this response

{
  "field-error": [
    "login",
    "invalid login, minimum 3 characters"
  ],
  "error": "There was an error creating your account"
}

This is the log in Rails

Started POST "/create-account" for 127.0.0.1 at 2021-05-04 23:09:40 -0400
   (0.5ms)  SELECT sqlite_version(*)
   (0.1ms)  SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
  Sequel (0.1ms)  SELECT sqlite_version()
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'
  Sequel (0.6ms)  SELECT * FROM `accounts` WHERE ((`email` = '') AND (`status` IN ('unverified', 'verified'))) LIMIT 1
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'

Thanks

Jeremy Evans

unread,
May 5, 2021, 12:00:07 AMMay 5
to rod...@googlegroups.com
On Tue, May 4, 2021 at 8:14 PM Bruno Aníbal Prieto González <bruno...@gmail.com> wrote:
Thank you very much for your response. I tried that but it didn't work, I did this:

Content-Type: application/json

{
    "email": "bruno...@gmail.com",
    "password": "Bb01pqña"
}

And I get this response

{
  "field-error": [
    "login",
    "invalid login, minimum 3 characters"
  ],
  "error": "There was an error creating your account"
}


That sort of tells you the issue right there.  It's expecting a parameter named login (not email) for the login.  So either change the parameter from email to login, or use the following in your Rodauth configuration:

  login_param 'email'

Thanks,
Jeremy

Bruno Aníbal Prieto González

unread,
May 5, 2021, 12:42:51 AMMay 5
to Rodauth
Great, that worked!

Sorry if I keep asking. What parameters does jwt-refresh receive? I tried several but it always tells me it's invalid, I'm also not sure if the logout is working right, although it returns a satisfactory response.
I'm trying this, well, one of several I tried:

Content-Type: application/json
Authorization: Bearer access_token...

{
    "refresh_token": "1_3_WU..."
}

The response is:

  "error": "invalid JWT refresh token"  

And the log:

Started POST "/jwt-refresh" for 127.0.0.1 at 2021-05-05 00:36:54 -0400
   (0.1ms)  SELECT sqlite_version(*)
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'
  Sequel (0.3ms)  DELETE FROM `account_jwt_refresh_keys` WHERE ((`account_id` = '1') AND (CURRENT_TIMESTAMP > `deadline`
))
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'
  Sequel (0.2ms)  SELECT `key` FROM `account_jwt_refresh_keys` WHERE ((`account_id` = '1') AND (`id` = '3')) LIMIT 1
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'
  Sequel (0.1ms)  SELECT * FROM `accounts` WHERE ((`id` = '1') AND (`status` = 'verified')) LIMIT 1
  ↳ app/lib/rodauth_app.rb:128:in `block in <class:RodauthApp>'

Maybe it would be nice if you could add the endpoints with the parameters needed in the documentation, or maybe I'm not looking for them right.

And how could I customize the login response to include certain profile data, for example?

Thank you very much for your help

Jeremy Evans

unread,
May 5, 2021, 2:28:59 AMMay 5
to rod...@googlegroups.com
On Tue, May 4, 2021 at 9:42 PM Bruno Aníbal Prieto González <bruno...@gmail.com> wrote:
Great, that worked!

Sorry if I keep asking. What parameters does jwt-refresh receive? I tried several but it always tells me it's invalid, I'm also not sure if the logout is working right, although it returns a satisfactory response.
I'm trying this, well, one of several I tried:

Content-Type: application/json
Authorization: Bearer access_token...

{
    "refresh_token": "1_3_WU..."
}

The response is:

  "error": "invalid JWT refresh token"  

This appears to be using the correct parameter name, so I'm not sure why it is failing unless the value given is not a valid token, or the account is not open.  The access token is correct or you would get a different error message.

If you would like me to debug, please produce a minimal self contained example using Roda+Rodauth (no Rails), and example code for submitting requests directly using #call on the Roda application.
 
Maybe it would be nice if you could add the endpoints with the parameters needed in the documentation, or maybe I'm not looking for them right.

All of the parameter names are configurable and end in _param, are default values are documented.  For example: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_refresh_rdoc.html
 
And how could I customize the login response to include certain profile data, for example?

after_login do
  json_response['foo'] = 'bar' 
end

Thanks,
Jeremy
Reply all
Reply to author
Forward
0 new messages