Setup and signing in questions

74 views
Skip to first unread message

kirqe

unread,
Aug 26, 2021, 2:19:25 PM8/26/21
to Rodauth
Hi,

I'd like to build a simple api thingy with jwt auth using Roda and Rodauth.
The docs seems confusing to me. But I managed to create a user using the following code

```
 # create account
 rodauth.new_account(login)
 rodauth.set_new_account_password(password)
 rodauth.save_account
``

But during the signin it always returns that I successfully signed in

curl -X POST 'http://127.0.0.1:9393/api/auth/signin' -H "Content-Type: application/json" --data '{"email": "use...@example.com", "password": "hello"}'

```
 # signin
 if account = rodauth.account_from_login(login)
  if rodauth.password_match?(password)
    rodauth.login(password)              
  end                    
 end
```
Whats the correct way of signing in a user through json?

This is the config part (at the top of the main file): 
create_account doesn't seem to work with json

```
  plugin :rodauth, json: :only do
    enable :login, :create_account, :change_password, :close_account, :jwt
    only_json? true
    jwt_secret "hello"
    account_password_hash_column :password_hash
  end
```

And I deleted the following part from the migration

```
  #   case database_type
  #   when :postgres
  #     user = get(Sequel.lit('current_user')) + '_password'
  # run "GRANT SELECT, INSERT, UPDAT
  # run "GRANT SELECT, INSERT, UPDAT
  # run "GRANT SELECT, INSERT, UPDAT
  # ....
  # end
```

Jeremy Evans

unread,
Aug 26, 2021, 2:37:43 PM8/26/21
to rod...@googlegroups.com
On Thu, Aug 26, 2021 at 11:19 AM kirqe <belet...@gmail.com> wrote:
Hi,

I'd like to build a simple api thingy with jwt auth using Roda and Rodauth.
The docs seems confusing to me. But I managed to create a user using the following code

```
 # create account
 rodauth.new_account(login)
 rodauth.set_new_account_password(password)
 rodauth.save_account
``

You don't want to call these methods on the rodauth object directly.  You should use r.rodauth in your Roda routing tree, and that will handle the routes to login, create account, change password, and close account.

If you have special requirements and Rodauth's normal route handling will not work for you, you can consider using the internal_request feature, which allows you to call methods on the Rodauth::Auth class, such as:

  scope.class.rodauth.create_account(:login=>login, :password=>password)

I would only use the internal_request approach if Rodauth's normal route handling will not work for you.

Thanks,
Jeremy
Reply all
Reply to author
Forward
0 new messages