Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to change password via API using Devise Token Auth? Rails 5

Tags:

ruby-on-rails

access-token

devise

I am trying to change the password of a user, using Devise Token Auth gem. But there are parameters that I do not know if it is good since I extract them from the database. Specifically, from the Tokens column of my users table.

This is my request with their respective headers, according to what the documentation tells me:

PUT /auth/password HTTP/1.1
Host: localhost
Content-Type: application/json;charset=utf-8
token-type: Bearer
access-token: $2a$10$d6b2GP5N3WT4/fR62S1VL.kiLx9w0YA6Rb5aVYQtXMBPImLx9ix2i
client: -Z2_wBWzH1GHiAjCAaHAKA
expiry: 1509654584
uid: [email protected]

password=123456789&password_confirmation=123456789

This is the token column of my user table that corresponds to my user with the email [email protected]:

{
    "oJ7t-1kXUFsde9J_euKuZA":{
        "token":"$2a$10$cYAP0ZVndFJz9JUK4tvoOuc96k/JBtgmSyn0cmwvWwy0o.J0XOtKW",
        "expiry":1509642442,
        "last_token":"$2a$10$Boy8Yp2Znb0uOS9tt/3KYum7PX/Jjmb.Igzo5GUs4tDRCejDU5bya",
        "updated_at":"2017-10-19T12:07:22.356-05:00"
    },
    "-Z2_wBWzH1GHiAjCAaHAKA":{
        "token":"$2a$10$d6b2GP5N3WT4/fR62S1VL.kiLx9w0YA6Rb5aVYQtXMBPImLx9ix2i",
        "expiry":1509654584,
        "last_token":"$2a$10$qFTq5JqGUBXayXODsKUSROjjw.TrFYVGtf.EEULCzRWIhMa79ycZS",
        "updated_at":"2017-10-19T15:29:44.204-05:00"
    }
}

But, the result of my request always I get 401 Unauthorized.

I'm using the second json object, where the key I put as a client parameter and the token attribute, I put it as my access_token parameter in my request via PUT.

Am I doing my request correctly with the parameters I have set? O How do I get the client and access-token parameters?

like image 458
Dvex Avatar asked Oct 16 '25 10:10

Dvex

1 Answers

It does not answer exactly the question about the 401 Unauthorized error but here is what I did according to the documentation page. Set the config.check_current_password_before_update to :password which means that if the user wants to update his password, he needs to give his current password as well.

Check your rails routes for the correct path. Mine was : PUT /auth/password/

Then in the body of your request :

{"current_password":"old_password","password":"new_password","password_confirmation":"new_password"}

About the 401 Unauthorized error, as suggested here, maybe this is due to your user authentication.

like image 192
ZazOufUmI Avatar answered Oct 19 '25 02:10

ZazOufUmI
Sign in to Comment

Related questions

Postgres/ActiveRecord sorting by letters then numbers?
How to store data in memory in Ruby on Rails
Creating a Rails form with a Vue component
Ruby "bucketize" an array

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!