Using devise_token_auth with devise for one method

[ingolfured]

I have an app using devise and everything is working fine. Now I want to be able to access one controller function via token (preferably by using the devise_token_auth gem), but if there is no token in the header, normal devise should authenticate (just like it used to do). That is, everything should work like it did (normal devise login and so on) but we should also be able to send a request with appropriate headers , get a token and use that to call the function.

If I put the following line in the application controller,

include DeviseTokenAuth::Concerns::SetUserByToken

I get the following body

{"errors":["Authorized users only."]}

Even though I create the api - v1 namespace / scope in routes.rb.

Is there anyway to use the regular devise just as normally but only use the DeviseTokenAuth for one method?

Thanks!

[vic700208]

I'm afraid you can't, you will need to use a separate controller

[ingolfured]

Alright, now I have two controllers two handle that. However, I'm having similar problem as described in the readme (see here). I have now created a 'ApiApplicationController' so the

before_filter :authenticate_user!

inside the regular application_controller.rb won't stop us from authenticate via api/v1/auth/sign_in (as described in the link above). However, how can I make the request (api/v1/auth/sign_in) go through ApiApplicationController instead of the regular one?

[vic700208]

You can't, what you need to do is move your before_filter :authenticate_user! to a sub controller and subclass your devise-based controllers from this sub controller instead.
i.e.

class DeviseController < ApplicationController
      before_filter :authenticate_user!

class SomeDeviseController < DeviseController

class ApiController < ApplicationController
     before_filter :authenticate_user!

class SomeApiControlller < ApiController

[zachfeldman]

Sounds like we have a proposed solution. Closing for now.