├── log └── .keep ├── app ├── mailers │ └── .keep ├── models │ ├── .keep │ ├── concerns │ │ └── .keep │ ├── story.rb │ └── user.rb ├── controllers │ ├── concerns │ │ └── .keep │ ├── v1 │ │ ├── users_controller.rb │ │ ├── sessions_controller.rb │ │ └── stories_controller.rb │ └── application_controller.rb ├── helpers │ └── application_helper.rb └── serializers │ └── v1 │ ├── user_serializer.rb │ ├── stories_serializer.rb │ ├── story_serializer.rb │ └── session_serializer.rb ├── lib ├── assets │ └── .keep └── tasks │ └── .keep ├── public ├── favicon.ico ├── robots.txt ├── 500.html ├── 422.html └── 404.html ├── test ├── helpers │ └── .keep ├── mailers │ └── .keep ├── models │ ├── .keep │ ├── story_test.rb │ └── user_test.rb ├── controllers │ └── .keep ├── fixtures │ ├── .keep │ ├── stories.yml │ └── users.yml ├── integration │ └── .keep └── test_helper.rb ├── vendor └── assets │ ├── javascripts │ └── .keep │ └── stylesheets │ └── .keep ├── bin ├── bundle ├── rake ├── rails ├── spring └── setup ├── config ├── boot.rb ├── initializers │ ├── cookies_serializer.rb │ ├── session_store.rb │ ├── mime_types.rb │ ├── filter_parameter_logging.rb │ ├── backtrace_silencers.rb │ ├── assets.rb │ ├── wrap_parameters.rb │ ├── inflections.rb │ └── devise.rb ├── environment.rb ├── routes.rb ├── database.yml ├── locales │ ├── en.yml │ └── devise.en.yml ├── application.rb ├── secrets.yml └── environments │ ├── development.rb │ ├── test.rb │ └── production.rb ├── config.ru ├── db ├── migrate │ ├── 20150130155230_add_username_to_user.rb │ ├── 20150129090542_add_access_token_to_user.rb │ ├── 20150129102411_create_stories.rb │ └── 20150129085434_devise_create_users.rb └── seeds.rb ├── Rakefile ├── Gemfile ├── .gitignore ├── Gemfile.lock └── README.md /log/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/mailers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/models/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/assets/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/tasks/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /public/favicon.ico: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/helpers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/mailers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/models/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/controllers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/fixtures/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/integration/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/models/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/controllers/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /vendor/assets/javascripts/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /vendor/assets/stylesheets/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /app/helpers/application_helper.rb: -------------------------------------------------------------------------------- 1 | module ApplicationHelper 2 | end 3 | -------------------------------------------------------------------------------- /bin/bundle: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) 3 | load Gem.bin_path('bundler', 'bundle') 4 | -------------------------------------------------------------------------------- /config/boot.rb: -------------------------------------------------------------------------------- 1 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) 2 | 3 | require 'bundler/setup' # Set up gems listed in the Gemfile. 4 | -------------------------------------------------------------------------------- /app/serializers/v1/user_serializer.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class UserSerializer < ActiveModel::Serializer 3 | 4 | attributes :username 5 | 6 | end 7 | end 8 | -------------------------------------------------------------------------------- /test/models/story_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class StoryTest < ActiveSupport::TestCase 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/models/user_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class UserTest < ActiveSupport::TestCase 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /config.ru: -------------------------------------------------------------------------------- 1 | # This file is used by Rack-based servers to start the application. 2 | 3 | require ::File.expand_path('../config/environment', __FILE__) 4 | run Rails.application 5 | -------------------------------------------------------------------------------- /config/initializers/cookies_serializer.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | Rails.application.config.action_dispatch.cookies_serializer = :json 4 | -------------------------------------------------------------------------------- /config/initializers/session_store.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | Rails.application.config.session_store :cookie_store, key: '_small_session' 4 | -------------------------------------------------------------------------------- /db/migrate/20150130155230_add_username_to_user.rb: -------------------------------------------------------------------------------- 1 | class AddUsernameToUser < ActiveRecord::Migration 2 | def change 3 | add_column :users, :username, :string 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /config/environment.rb: -------------------------------------------------------------------------------- 1 | # Load the Rails application. 2 | require File.expand_path('../application', __FILE__) 3 | 4 | # Initialize the Rails application. 5 | Rails.application.initialize! 6 | -------------------------------------------------------------------------------- /db/migrate/20150129090542_add_access_token_to_user.rb: -------------------------------------------------------------------------------- 1 | class AddAccessTokenToUser < ActiveRecord::Migration 2 | def change 3 | add_column :users, :access_token, :string 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /bin/rake: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path("../spring", __FILE__) 4 | rescue LoadError 5 | end 6 | require_relative '../config/boot' 7 | require 'rake' 8 | Rake.application.run 9 | -------------------------------------------------------------------------------- /config/initializers/mime_types.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new mime types for use in respond_to blocks: 4 | # Mime::Type.register "text/richtext", :rtf 5 | -------------------------------------------------------------------------------- /app/models/story.rb: -------------------------------------------------------------------------------- 1 | class Story < ActiveRecord::Base 2 | 3 | belongs_to :user 4 | 5 | validates :body, presence: true 6 | validates :title, presence: true 7 | validates :user, presence: true 8 | 9 | end 10 | -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file 2 | # 3 | # To ban all spiders from the entire site uncomment the next two lines: 4 | # User-agent: * 5 | # Disallow: / 6 | -------------------------------------------------------------------------------- /config/initializers/filter_parameter_logging.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Configure sensitive parameters which will be filtered from the log file. 4 | Rails.application.config.filter_parameters += [:password] 5 | -------------------------------------------------------------------------------- /bin/rails: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path("../spring", __FILE__) 4 | rescue LoadError 5 | end 6 | APP_PATH = File.expand_path('../../config/application', __FILE__) 7 | require_relative '../config/boot' 8 | require 'rails/commands' 9 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # Add your own tasks in files placed in lib/tasks ending in .rake, 2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. 3 | 4 | require File.expand_path('../config/application', __FILE__) 5 | 6 | Rails.application.load_tasks 7 | -------------------------------------------------------------------------------- /db/seeds.rb: -------------------------------------------------------------------------------- 1 | require 'faker' 2 | 3 | 10.times do 4 | User.create(email: Faker::Internet.email, username: Faker::Internet.user_name, password: 'password') 5 | end 6 | 7 | 10.times do 8 | Story.create(title: Faker::Name.title, body: Faker::Lorem.paragraph(30 + rand(70)), user: User.all.sample) 9 | end 10 | -------------------------------------------------------------------------------- /db/migrate/20150129102411_create_stories.rb: -------------------------------------------------------------------------------- 1 | class CreateStories < ActiveRecord::Migration 2 | def change 3 | create_table :stories do |t| 4 | t.string :title 5 | t.text :body 6 | t.belongs_to :user, index: true 7 | 8 | t.timestamps null: false 9 | end 10 | end 11 | end 12 | -------------------------------------------------------------------------------- /app/serializers/v1/stories_serializer.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class StoriesSerializer < ActiveModel::Serializer 3 | 4 | attributes :title, :created_at, :abstract, :id 5 | has_one :user, serializer: V1::UserSerializer 6 | 7 | def abstract 8 | object.body[0..200] 9 | end 10 | 11 | end 12 | end 13 | 14 | -------------------------------------------------------------------------------- /config/routes.rb: -------------------------------------------------------------------------------- 1 | Rails.application.routes.draw do 2 | devise_for :user, only: [] 3 | 4 | namespace :v1, defaults: { format: :json } do 5 | resource :login, only: [:create], controller: :sessions 6 | resources :users, only: [:create] 7 | resources :stories, only: [:index, :show, :create] 8 | end 9 | end 10 | -------------------------------------------------------------------------------- /app/serializers/v1/story_serializer.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class StorySerializer < ActiveModel::Serializer 3 | 4 | attributes :title, :body, :created_at, :abstract, :id 5 | has_one :user, serializer: V1::UserSerializer 6 | 7 | def abstract 8 | object.body[0..200] 9 | end 10 | 11 | end 12 | end 13 | 14 | -------------------------------------------------------------------------------- /app/serializers/v1/session_serializer.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class SessionSerializer < ActiveModel::Serializer 3 | 4 | attributes :email, :username, :token_type, :user_id, :access_token 5 | 6 | def user_id 7 | object.id 8 | end 9 | 10 | def token_type 11 | 'Bearer' 12 | end 13 | 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /test/test_helper.rb: -------------------------------------------------------------------------------- 1 | ENV['RAILS_ENV'] ||= 'test' 2 | require File.expand_path('../../config/environment', __FILE__) 3 | require 'rails/test_help' 4 | 5 | class ActiveSupport::TestCase 6 | # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order. 7 | fixtures :all 8 | 9 | # Add more helper methods to be used by all tests here... 10 | end 11 | -------------------------------------------------------------------------------- /test/fixtures/stories.yml: -------------------------------------------------------------------------------- 1 | # Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html 2 | 3 | # This model initially had no columns defined. If you add columns to the 4 | # model remove the '{}' from the fixture names and add the columns immediately 5 | # below each fixture, per the syntax in the comments below 6 | # 7 | one: {} 8 | # column: value 9 | # 10 | two: {} 11 | # column: value 12 | -------------------------------------------------------------------------------- /test/fixtures/users.yml: -------------------------------------------------------------------------------- 1 | # Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html 2 | 3 | # This model initially had no columns defined. If you add columns to the 4 | # model remove the '{}' from the fixture names and add the columns immediately 5 | # below each fixture, per the syntax in the comments below 6 | # 7 | one: {} 8 | # column: value 9 | # 10 | two: {} 11 | # column: value 12 | -------------------------------------------------------------------------------- /config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. 4 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } 5 | 6 | # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. 7 | # Rails.backtrace_cleaner.remove_silencers! 8 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'rails', '4.2.0' 4 | gem 'rails-api', '~> 0.4.0' 5 | gem 'active_model_serializers', '~> 0.8.3' # NOTE: not the 0.9 6 | gem 'devise', '~> 3.4.1' 7 | gem 'sqlite3' 8 | gem 'rack-cors', require: 'rack/cors' 9 | gem 'sdoc', '~> 0.4.0', group: :doc 10 | gem 'thin' 11 | 12 | group :development, :test do 13 | gem 'faker' 14 | gem 'byebug' 15 | gem 'web-console', '~> 2.0' 16 | gem 'spring' 17 | end 18 | 19 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.orig 2 | *.swp 3 | # Ignore bundler config. 4 | /.bundle 5 | 6 | # Ignore the default SQLite database. 7 | /db/*.sqlite3 8 | /db/*.sqlite3-journal 9 | 10 | # Ignore database schema 11 | /db/schema.rb 12 | 13 | # Ignore all logfiles and tempfiles. 14 | /log/*.log 15 | /tmp 16 | 17 | # Ignore IDE stuff 18 | .idea/ 19 | 20 | # Ignore .rvmrc 21 | .rvmrc 22 | .ruby-version 23 | .ruby-gemset 24 | 25 | # Ignore public 26 | /public/system/** 27 | 28 | # Mac stuff 29 | .DS_Store 30 | 31 | # CTAGS 32 | tags 33 | 34 | vendor/bundle 35 | -------------------------------------------------------------------------------- /config/initializers/assets.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Version of your assets, change this if you want to expire all your assets. 4 | Rails.application.config.assets.version = '1.0' 5 | 6 | # Add additional assets to the asset load path 7 | # Rails.application.config.assets.paths << Emoji.images_path 8 | 9 | # Precompile additional assets. 10 | # application.js, application.css, and all non-JS/CSS in app/assets folder are already added. 11 | # Rails.application.config.assets.precompile += %w( search.js ) 12 | -------------------------------------------------------------------------------- /bin/spring: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | 3 | # This file loads spring without using Bundler, in order to be fast 4 | # It gets overwritten when you run the `spring binstub` command 5 | 6 | unless defined?(Spring) 7 | require "rubygems" 8 | require "bundler" 9 | 10 | if match = Bundler.default_lockfile.read.match(/^GEM$.*?^ (?: )*spring \((.*?)\)$.*?^$/m) 11 | ENV["GEM_PATH"] = ([Bundler.bundle_path.to_s] + Gem.path).join(File::PATH_SEPARATOR) 12 | ENV["GEM_HOME"] = "" 13 | Gem.paths = ENV 14 | 15 | gem "spring", match[1] 16 | require "spring/binstub" 17 | end 18 | end 19 | -------------------------------------------------------------------------------- /config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # This file contains settings for ActionController::ParamsWrapper which 4 | # is enabled by default. 5 | 6 | # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. 7 | ActiveSupport.on_load(:action_controller) do 8 | wrap_parameters format: [:json] if respond_to?(:wrap_parameters) 9 | end 10 | 11 | # To enable root element in JSON for ActiveRecord objects. 12 | # ActiveSupport.on_load(:active_record) do 13 | # self.include_root_in_json = true 14 | # end 15 | -------------------------------------------------------------------------------- /app/models/user.rb: -------------------------------------------------------------------------------- 1 | class User < ActiveRecord::Base 2 | devise :database_authenticatable, :recoverable, :validatable 3 | 4 | after_create :update_access_token! 5 | 6 | has_many :stories 7 | 8 | validates :username, presence: true 9 | validates :email, presence: true 10 | 11 | private 12 | 13 | def update_access_token! 14 | self.access_token = generate_access_token 15 | save 16 | end 17 | 18 | def generate_access_token 19 | loop do 20 | token = "#{self.id}:#{Devise.friendly_token}" 21 | break token unless User.where(access_token: token).first 22 | end 23 | end 24 | 25 | end 26 | -------------------------------------------------------------------------------- /config/database.yml: -------------------------------------------------------------------------------- 1 | # SQLite version 3.x 2 | # gem install sqlite3 3 | # 4 | # Ensure the SQLite 3 gem is defined in your Gemfile 5 | # gem 'sqlite3' 6 | # 7 | default: &default 8 | adapter: sqlite3 9 | pool: 5 10 | timeout: 5000 11 | 12 | development: 13 | <<: *default 14 | database: db/development.sqlite3 15 | 16 | # Warning: The database defined as "test" will be erased and 17 | # re-generated from your development database when you run "rake". 18 | # Do not set this db to the same as development or production. 19 | test: 20 | <<: *default 21 | database: db/test.sqlite3 22 | 23 | production: 24 | <<: *default 25 | database: db/production.sqlite3 26 | -------------------------------------------------------------------------------- /app/controllers/v1/users_controller.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class UsersController < ApplicationController 3 | skip_before_action :authenticate_user_from_token!, only: [:create] 4 | 5 | # POST /v1/users 6 | # Creates an user 7 | def create 8 | @user = User.new user_params 9 | 10 | if @user.save 11 | render json: @user, serializer: V1::SessionSerializer, root: nil 12 | else 13 | render json: { error: t('user_create_error') }, status: :unprocessable_entity 14 | end 15 | end 16 | 17 | private 18 | 19 | def user_params 20 | params.require(:user).permit(:email, :username, :password, :password_confirmation) 21 | end 22 | end 23 | end 24 | 25 | -------------------------------------------------------------------------------- /config/initializers/inflections.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new inflection rules using the following format. Inflections 4 | # are locale specific, and you may define rules for as many different 5 | # locales as you wish. All of these examples are active by default: 6 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 7 | # inflect.plural /^(ox)$/i, '\1en' 8 | # inflect.singular /^(ox)en/i, '\1' 9 | # inflect.irregular 'person', 'people' 10 | # inflect.uncountable %w( fish sheep ) 11 | # end 12 | 13 | # These inflection rules are supported but not enabled by default: 14 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 15 | # inflect.acronym 'RESTful' 16 | # end 17 | -------------------------------------------------------------------------------- /config/locales/en.yml: -------------------------------------------------------------------------------- 1 | # Files in the config/locales directory are used for internationalization 2 | # and are automatically loaded by Rails. If you want to use locales other 3 | # than English, add the necessary files in this directory. 4 | # 5 | # To use the locales, use `I18n.t`: 6 | # 7 | # I18n.t 'hello' 8 | # 9 | # In views, this is aliased to just `t`: 10 | # 11 | # <%= t('hello') %> 12 | # 13 | # To use a different locale, set it with `I18n.locale`: 14 | # 15 | # I18n.locale = :es 16 | # 17 | # This would use the information in config/locales/es.yml. 18 | # 19 | # To learn more, please read the Rails Internationalization guide 20 | # available at http://guides.rubyonrails.org/i18n.html. 21 | 22 | en: 23 | hello: "Hello world" 24 | -------------------------------------------------------------------------------- /config/application.rb: -------------------------------------------------------------------------------- 1 | require File.expand_path('../boot', __FILE__) 2 | 3 | require 'rails/all' 4 | 5 | # Require the gems listed in Gemfile, including any gems 6 | # you've limited to :test, :development, or :production. 7 | Bundler.require(*Rails.groups) 8 | 9 | module Small 10 | class Application < Rails::Application 11 | 12 | config.middleware.insert_before 'Rack::Runtime', 'Rack::Cors' do 13 | allow do 14 | origins '*' 15 | resource '*', 16 | headers: :any, 17 | methods: [:get, :put, :post, :patch, :delete, :options] 18 | end 19 | end 20 | 21 | # Do not swallow errors in after_commit/after_rollback callbacks. 22 | config.active_record.raise_in_transactional_callbacks = true 23 | end 24 | end 25 | -------------------------------------------------------------------------------- /app/controllers/v1/sessions_controller.rb: -------------------------------------------------------------------------------- 1 | # app/controllers/v1/sessions_controller.rb 2 | module V1 3 | class SessionsController < ApplicationController 4 | skip_before_action :authenticate_user_from_token! 5 | 6 | # POST /v1/login 7 | def create 8 | @user = User.find_for_database_authentication(email: params[:email]) 9 | return invalid_login_attempt unless @user 10 | 11 | if @user.valid_password?(params[:password]) 12 | sign_in :user, @user 13 | render json: @user, serializer: SessionSerializer, root: nil 14 | else 15 | invalid_login_attempt 16 | end 17 | end 18 | 19 | private 20 | 21 | def invalid_login_attempt 22 | warden.custom_failure! 23 | render json: {error: t('sessions_controller.invalid_login_attempt')}, status: :unprocessable_entity 24 | end 25 | 26 | end 27 | end 28 | -------------------------------------------------------------------------------- /db/migrate/20150129085434_devise_create_users.rb: -------------------------------------------------------------------------------- 1 | class DeviseCreateUsers < ActiveRecord::Migration 2 | def change 3 | create_table(:users) do |t| 4 | t.string :email, null: false, default: "" 5 | t.string :encrypted_password, null: false, default: "" 6 | 7 | ## Recoverable 8 | t.string :reset_password_token 9 | t.datetime :reset_password_sent_at 10 | 11 | ## Rememberable 12 | t.datetime :remember_created_at 13 | 14 | ## Trackable 15 | t.integer :sign_in_count, default: 0, null: false 16 | t.datetime :current_sign_in_at 17 | t.datetime :last_sign_in_at 18 | t.string :current_sign_in_ip 19 | t.string :last_sign_in_ip 20 | 21 | t.timestamps 22 | end 23 | 24 | add_index :users, :email, unique: true 25 | add_index :users, :reset_password_token, unique: true 26 | end 27 | end 28 | -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | 4 | # path to your application root. 5 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 6 | 7 | Dir.chdir APP_ROOT do 8 | # This script is a starting point to setup your application. 9 | # Add necessary setup steps to this file: 10 | 11 | puts "== Installing dependencies ==" 12 | system "gem install bundler --conservative" 13 | system "bundle check || bundle install" 14 | 15 | # puts "\n== Copying sample files ==" 16 | # unless File.exist?("config/database.yml") 17 | # system "cp config/database.yml.sample config/database.yml" 18 | # end 19 | 20 | puts "\n== Preparing database ==" 21 | system "bin/rake db:setup" 22 | 23 | puts "\n== Removing old logs and tempfiles ==" 24 | system "rm -f log/*" 25 | system "rm -rf tmp/cache" 26 | 27 | puts "\n== Restarting application server ==" 28 | system "touch tmp/restart.txt" 29 | end 30 | -------------------------------------------------------------------------------- /config/secrets.yml: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Your secret key is used for verifying the integrity of signed cookies. 4 | # If you change this key, all old signed cookies will become invalid! 5 | 6 | # Make sure the secret is at least 30 characters and all random, 7 | # no regular words or you'll be exposed to dictionary attacks. 8 | # You can use `rake secret` to generate a secure secret key. 9 | 10 | # Make sure the secrets in this file are kept private 11 | # if you're sharing your code publicly. 12 | 13 | development: 14 | secret_key_base: 31a974557fdb09d5bf724f024494a8c5851f35887a1a35c70fe2901a6d9ff13bec5b99a1e4aefb27750191b1a7cadf1364b0f773f1f3657fb0e564246942c82b 15 | 16 | test: 17 | secret_key_base: 146655b17f2aa24c4c36143d8de1380f5c9d1e6c3cab76171d241d9dff6c9e7e2feaba12205bc19c4168a1c64a31a818fcad943f67ee46abe877f7701c4c35a5 18 | 19 | # Do not keep production secrets in the repository, 20 | # instead read values from the environment. 21 | production: 22 | secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 23 | -------------------------------------------------------------------------------- /app/controllers/v1/stories_controller.rb: -------------------------------------------------------------------------------- 1 | module V1 2 | class StoriesController < ApplicationController 3 | skip_before_action :authenticate_user_from_token!, only: [:index, :show] 4 | 5 | # GET /v1/stories 6 | # Get all the stories 7 | def index 8 | @stories = Story.includes(:user).order(created_at: :desc).all 9 | render json: @stories, each_serializer: StoriesSerializer 10 | end 11 | 12 | def show 13 | @story = Story.find(params[:id]) 14 | render json: @story, serializer: StorySerializer 15 | end 16 | 17 | # POST /v1/stories 18 | # Add a new story 19 | def create 20 | @story = Story.new(story_params) 21 | 22 | if @story.save 23 | render json: @story, serializer: StorySerializer 24 | else 25 | render json: { error: t('story_create_error') }, status: :unprocessable_entity 26 | end 27 | end 28 | 29 | private 30 | 31 | def story_params 32 | params.require(:story).permit(:title, :body).merge(user: current_user) 33 | end 34 | 35 | end 36 | end 37 | 38 | -------------------------------------------------------------------------------- /app/controllers/application_controller.rb: -------------------------------------------------------------------------------- 1 | class ApplicationController < ActionController::API 2 | include AbstractController::Translation 3 | 4 | before_action :authenticate_user_from_token! 5 | 6 | respond_to :json 7 | 8 | ## 9 | # User Authentication 10 | # Authenticates the user with OAuth2 Resource Owner Password Credentials Grant 11 | def authenticate_user_from_token! 12 | auth_token = request.headers['Authorization'] 13 | 14 | if auth_token 15 | authenticate_with_auth_token auth_token 16 | else 17 | authentication_error 18 | end 19 | end 20 | 21 | private 22 | 23 | def authenticate_with_auth_token auth_token 24 | unless auth_token.include?(':') 25 | authentication_error 26 | return 27 | end 28 | 29 | user_id = auth_token.split(':').first 30 | user = User.where(id: user_id).first 31 | 32 | if user && Devise.secure_compare(user.access_token, auth_token) 33 | # User can access 34 | sign_in user, store: false 35 | else 36 | authentication_error 37 | end 38 | end 39 | 40 | ## 41 | # Authentication Failure 42 | # Renders a 401 error 43 | def authentication_error 44 | # User's token is either invalid or not in the right format 45 | render json: {error: t('application_controller.unauthorized')}, status: 401 # Authentication timeout 46 | end 47 | end 48 | 49 | -------------------------------------------------------------------------------- /public/500.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | We're sorry, but something went wrong (500) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

We're sorry, but something went wrong.

62 |
63 |

If you are the application owner check the logs for more information.

64 |
65 | 66 | 67 | -------------------------------------------------------------------------------- /config/environments/development.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # In the development environment your application's code is reloaded on 5 | # every request. This slows down response time but is perfect for development 6 | # since you don't have to restart the web server when you make code changes. 7 | config.cache_classes = false 8 | 9 | # Do not eager load code on boot. 10 | config.eager_load = false 11 | 12 | # Show full error reports and disable caching. 13 | config.consider_all_requests_local = true 14 | config.action_controller.perform_caching = false 15 | 16 | # Don't care if the mailer can't send. 17 | config.action_mailer.raise_delivery_errors = false 18 | 19 | # Print deprecation notices to the Rails logger. 20 | config.active_support.deprecation = :log 21 | 22 | # Raise an error on page load if there are pending migrations. 23 | config.active_record.migration_error = :page_load 24 | 25 | # Debug mode disables concatenation and preprocessing of assets. 26 | # This option may cause significant delays in view rendering with a large 27 | # number of complex assets. 28 | config.assets.debug = true 29 | 30 | # Asset digests allow you to set far-future HTTP expiration dates on all assets, 31 | # yet still be able to expire them through the digest params. 32 | config.assets.digest = true 33 | 34 | # Adds additional error checking when serving assets at runtime. 35 | # Checks for improperly declared sprockets dependencies. 36 | # Raises helpful error messages. 37 | config.assets.raise_runtime_errors = true 38 | 39 | # Raises error for missing translations 40 | # config.action_view.raise_on_missing_translations = true 41 | end 42 | -------------------------------------------------------------------------------- /public/422.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | The change you wanted was rejected (422) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

The change you wanted was rejected.

62 |

Maybe you tried to change something you didn't have access to.

63 |
64 |

If you are the application owner check the logs for more information.

65 |
66 | 67 | 68 | -------------------------------------------------------------------------------- /public/404.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | The page you were looking for doesn't exist (404) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

The page you were looking for doesn't exist.

62 |

You may have mistyped the address or the page may have moved.

63 |
64 |

If you are the application owner check the logs for more information.

65 |
66 | 67 | 68 | -------------------------------------------------------------------------------- /config/environments/test.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # The test environment is used exclusively to run your application's 5 | # test suite. You never need to work with it otherwise. Remember that 6 | # your test database is "scratch space" for the test suite and is wiped 7 | # and recreated between test runs. Don't rely on the data there! 8 | config.cache_classes = true 9 | 10 | # Do not eager load code on boot. This avoids loading your whole application 11 | # just for the purpose of running a single test. If you are using a tool that 12 | # preloads Rails for running tests, you may have to set it to true. 13 | config.eager_load = false 14 | 15 | # Configure static file server for tests with Cache-Control for performance. 16 | config.serve_static_files = true 17 | config.static_cache_control = 'public, max-age=3600' 18 | 19 | # Show full error reports and disable caching. 20 | config.consider_all_requests_local = true 21 | config.action_controller.perform_caching = false 22 | 23 | # Raise exceptions instead of rendering exception templates. 24 | config.action_dispatch.show_exceptions = false 25 | 26 | # Disable request forgery protection in test environment. 27 | config.action_controller.allow_forgery_protection = false 28 | 29 | # Tell Action Mailer not to deliver emails to the real world. 30 | # The :test delivery method accumulates sent emails in the 31 | # ActionMailer::Base.deliveries array. 32 | config.action_mailer.delivery_method = :test 33 | 34 | # Randomize the order test cases are executed. 35 | config.active_support.test_order = :random 36 | 37 | # Print deprecation notices to the stderr. 38 | config.active_support.deprecation = :stderr 39 | 40 | # Raises error for missing translations 41 | # config.action_view.raise_on_missing_translations = true 42 | end 43 | -------------------------------------------------------------------------------- /config/environments/production.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # Code is not reloaded between requests. 5 | config.cache_classes = true 6 | 7 | # Eager load code on boot. This eager loads most of Rails and 8 | # your application in memory, allowing both threaded web servers 9 | # and those relying on copy on write to perform better. 10 | # Rake tasks automatically ignore this option for performance. 11 | config.eager_load = true 12 | 13 | # Full error reports are disabled and caching is turned on. 14 | config.consider_all_requests_local = false 15 | config.action_controller.perform_caching = true 16 | 17 | # Enable Rack::Cache to put a simple HTTP cache in front of your application 18 | # Add `rack-cache` to your Gemfile before enabling this. 19 | # For large-scale production use, consider using a caching reverse proxy like 20 | # NGINX, varnish or squid. 21 | # config.action_dispatch.rack_cache = true 22 | 23 | # Disable serving static files from the `/public` folder by default since 24 | # Apache or NGINX already handles this. 25 | config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present? 26 | 27 | # Compress JavaScripts and CSS. 28 | config.assets.js_compressor = :uglifier 29 | # config.assets.css_compressor = :sass 30 | 31 | # Do not fallback to assets pipeline if a precompiled asset is missed. 32 | config.assets.compile = false 33 | 34 | # Asset digests allow you to set far-future HTTP expiration dates on all assets, 35 | # yet still be able to expire them through the digest params. 36 | config.assets.digest = true 37 | 38 | # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb 39 | 40 | # Specifies the header that your server uses for sending files. 41 | # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache 42 | # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX 43 | 44 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. 45 | # config.force_ssl = true 46 | 47 | # Use the lowest log level to ensure availability of diagnostic information 48 | # when problems arise. 49 | config.log_level = :debug 50 | 51 | # Prepend all log lines with the following tags. 52 | # config.log_tags = [ :subdomain, :uuid ] 53 | 54 | # Use a different logger for distributed setups. 55 | # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) 56 | 57 | # Use a different cache store in production. 58 | # config.cache_store = :mem_cache_store 59 | 60 | # Enable serving of images, stylesheets, and JavaScripts from an asset server. 61 | # config.action_controller.asset_host = 'http://assets.example.com' 62 | 63 | # Ignore bad email addresses and do not raise email delivery errors. 64 | # Set this to true and configure the email server for immediate delivery to raise delivery errors. 65 | # config.action_mailer.raise_delivery_errors = false 66 | 67 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to 68 | # the I18n.default_locale when a translation cannot be found). 69 | config.i18n.fallbacks = true 70 | 71 | # Send deprecation notices to registered listeners. 72 | config.active_support.deprecation = :notify 73 | 74 | # Use default logging formatter so that PID and timestamp are not suppressed. 75 | config.log_formatter = ::Logger::Formatter.new 76 | 77 | # Do not dump schema after migrations. 78 | config.active_record.dump_schema_after_migration = false 79 | end 80 | -------------------------------------------------------------------------------- /config/locales/devise.en.yml: -------------------------------------------------------------------------------- 1 | # Additional translations at https://github.com/plataformatec/devise/wiki/I18n 2 | 3 | en: 4 | devise: 5 | confirmations: 6 | confirmed: "Your email address has been successfully confirmed." 7 | send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes." 8 | send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes." 9 | failure: 10 | already_authenticated: "You are already signed in." 11 | inactive: "Your account is not activated yet." 12 | invalid: "Invalid %{authentication_keys} or password." 13 | locked: "Your account is locked." 14 | last_attempt: "You have one more attempt before your account is locked." 15 | not_found_in_database: "Invalid %{authentication_keys} or password." 16 | timeout: "Your session expired. Please sign in again to continue." 17 | unauthenticated: "You need to sign in or sign up before continuing." 18 | unconfirmed: "You have to confirm your email address before continuing." 19 | mailer: 20 | confirmation_instructions: 21 | subject: "Confirmation instructions" 22 | reset_password_instructions: 23 | subject: "Reset password instructions" 24 | unlock_instructions: 25 | subject: "Unlock instructions" 26 | omniauth_callbacks: 27 | failure: "Could not authenticate you from %{kind} because \"%{reason}\"." 28 | success: "Successfully authenticated from %{kind} account." 29 | passwords: 30 | no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided." 31 | send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes." 32 | send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes." 33 | updated: "Your password has been changed successfully. You are now signed in." 34 | updated_not_active: "Your password has been changed successfully." 35 | registrations: 36 | destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon." 37 | signed_up: "Welcome! You have signed up successfully." 38 | signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated." 39 | signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked." 40 | signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account." 41 | update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address." 42 | updated: "Your account has been updated successfully." 43 | sessions: 44 | signed_in: "Signed in successfully." 45 | signed_out: "Signed out successfully." 46 | already_signed_out: "Signed out successfully." 47 | unlocks: 48 | send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes." 49 | send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes." 50 | unlocked: "Your account has been unlocked successfully. Please sign in to continue." 51 | errors: 52 | messages: 53 | already_confirmed: "was already confirmed, please try signing in" 54 | confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one" 55 | expired: "has expired, please request a new one" 56 | not_found: "not found" 57 | not_locked: "was not locked" 58 | not_saved: 59 | one: "1 error prohibited this %{resource} from being saved:" 60 | other: "%{count} errors prohibited this %{resource} from being saved:" 61 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | actionmailer (4.2.0) 5 | actionpack (= 4.2.0) 6 | actionview (= 4.2.0) 7 | activejob (= 4.2.0) 8 | mail (~> 2.5, >= 2.5.4) 9 | rails-dom-testing (~> 1.0, >= 1.0.5) 10 | actionpack (4.2.0) 11 | actionview (= 4.2.0) 12 | activesupport (= 4.2.0) 13 | rack (~> 1.6.0) 14 | rack-test (~> 0.6.2) 15 | rails-dom-testing (~> 1.0, >= 1.0.5) 16 | rails-html-sanitizer (~> 1.0, >= 1.0.1) 17 | actionview (4.2.0) 18 | activesupport (= 4.2.0) 19 | builder (~> 3.1) 20 | erubis (~> 2.7.0) 21 | rails-dom-testing (~> 1.0, >= 1.0.5) 22 | rails-html-sanitizer (~> 1.0, >= 1.0.1) 23 | active_model_serializers (0.8.3) 24 | activemodel (>= 3.0) 25 | activejob (4.2.0) 26 | activesupport (= 4.2.0) 27 | globalid (>= 0.3.0) 28 | activemodel (4.2.0) 29 | activesupport (= 4.2.0) 30 | builder (~> 3.1) 31 | activerecord (4.2.0) 32 | activemodel (= 4.2.0) 33 | activesupport (= 4.2.0) 34 | arel (~> 6.0) 35 | activesupport (4.2.0) 36 | i18n (~> 0.7) 37 | json (~> 1.7, >= 1.7.7) 38 | minitest (~> 5.1) 39 | thread_safe (~> 0.3, >= 0.3.4) 40 | tzinfo (~> 1.1) 41 | arel (6.0.0) 42 | bcrypt (3.1.10) 43 | binding_of_caller (0.7.2) 44 | debug_inspector (>= 0.0.1) 45 | builder (3.2.2) 46 | byebug (3.5.1) 47 | columnize (~> 0.8) 48 | debugger-linecache (~> 1.2) 49 | slop (~> 3.6) 50 | columnize (0.9.0) 51 | daemons (1.1.9) 52 | debug_inspector (0.0.2) 53 | debugger-linecache (1.2.0) 54 | devise (3.4.1) 55 | bcrypt (~> 3.0) 56 | orm_adapter (~> 0.1) 57 | railties (>= 3.2.6, < 5) 58 | responders 59 | thread_safe (~> 0.1) 60 | warden (~> 1.2.3) 61 | erubis (2.7.0) 62 | eventmachine (1.0.4) 63 | faker (1.4.3) 64 | i18n (~> 0.5) 65 | globalid (0.3.0) 66 | activesupport (>= 4.1.0) 67 | hike (1.2.3) 68 | i18n (0.7.0) 69 | json (1.8.2) 70 | loofah (2.0.1) 71 | nokogiri (>= 1.5.9) 72 | mail (2.6.3) 73 | mime-types (>= 1.16, < 3) 74 | mime-types (2.4.3) 75 | mini_portile (0.6.2) 76 | minitest (5.5.1) 77 | multi_json (1.10.1) 78 | nokogiri (1.6.6.2) 79 | mini_portile (~> 0.6.0) 80 | orm_adapter (0.5.0) 81 | rack (1.6.0) 82 | rack-cors (0.3.1) 83 | rack-test (0.6.3) 84 | rack (>= 1.0) 85 | rails (4.2.0) 86 | actionmailer (= 4.2.0) 87 | actionpack (= 4.2.0) 88 | actionview (= 4.2.0) 89 | activejob (= 4.2.0) 90 | activemodel (= 4.2.0) 91 | activerecord (= 4.2.0) 92 | activesupport (= 4.2.0) 93 | bundler (>= 1.3.0, < 2.0) 94 | railties (= 4.2.0) 95 | sprockets-rails 96 | rails-api (0.4.0) 97 | actionpack (>= 3.2.11) 98 | railties (>= 3.2.11) 99 | rails-deprecated_sanitizer (1.0.3) 100 | activesupport (>= 4.2.0.alpha) 101 | rails-dom-testing (1.0.5) 102 | activesupport (>= 4.2.0.beta, < 5.0) 103 | nokogiri (~> 1.6.0) 104 | rails-deprecated_sanitizer (>= 1.0.1) 105 | rails-html-sanitizer (1.0.1) 106 | loofah (~> 2.0) 107 | railties (4.2.0) 108 | actionpack (= 4.2.0) 109 | activesupport (= 4.2.0) 110 | rake (>= 0.8.7) 111 | thor (>= 0.18.1, < 2.0) 112 | rake (10.4.2) 113 | rdoc (4.2.0) 114 | responders (2.1.0) 115 | railties (>= 4.2.0, < 5) 116 | sdoc (0.4.1) 117 | json (~> 1.7, >= 1.7.7) 118 | rdoc (~> 4.0) 119 | slop (3.6.0) 120 | spring (1.2.0) 121 | sprockets (2.12.3) 122 | hike (~> 1.2) 123 | multi_json (~> 1.0) 124 | rack (~> 1.0) 125 | tilt (~> 1.1, != 1.3.0) 126 | sprockets-rails (2.2.4) 127 | actionpack (>= 3.0) 128 | activesupport (>= 3.0) 129 | sprockets (>= 2.8, < 4.0) 130 | sqlite3 (1.3.10) 131 | thin (1.6.3) 132 | daemons (~> 1.0, >= 1.0.9) 133 | eventmachine (~> 1.0) 134 | rack (~> 1.0) 135 | thor (0.19.1) 136 | thread_safe (0.3.4) 137 | tilt (1.4.1) 138 | tzinfo (1.2.2) 139 | thread_safe (~> 0.1) 140 | warden (1.2.3) 141 | rack (>= 1.0) 142 | web-console (2.0.0) 143 | activemodel (~> 4.0) 144 | binding_of_caller (>= 0.7.2) 145 | railties (~> 4.0) 146 | sprockets-rails (>= 2.0, < 4.0) 147 | 148 | PLATFORMS 149 | ruby 150 | 151 | DEPENDENCIES 152 | active_model_serializers (~> 0.8.3) 153 | byebug 154 | devise (~> 3.4.1) 155 | faker 156 | rack-cors 157 | rails (= 4.2.0) 158 | rails-api (~> 0.4.0) 159 | sdoc (~> 0.4.0) 160 | spring 161 | sqlite3 162 | thin 163 | web-console (~> 2.0) 164 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Small - Rails API 2 | This is a sample project used to illustrate the Flux architecture with React. Checkout the full article [here](http://fancypixel.github.io/blog/2015/01/28/react-plus-flux-backed-by-rails-api/) 3 | 4 | ## Setup 5 | ``` 6 | bundle install 7 | rake db:create 8 | rake db:migrate 9 | rake db:seed 10 | rails s 11 | ``` 12 | 13 | ## Consuming the API 14 | 15 | #### Signup - users#create 16 | ```bash 17 | curl -X POST -H "Content-Type: application/json" -d '{"user": {"username": "testuser", "email": "test@example.com", "password": "12341234", "password_confirmation": "12341234"}}' http://localhost:3000/v1/users 18 | 19 | >> {"email":"test@example.com","username":"testuser","token_type":"Bearer","user_id":12,"access_token":"12:cccyXLZ7o_XpK6MxU_Bt"} 20 | ``` 21 | 22 | #### Login - sessions#create 23 | ```bash 24 | curl -X POST -H "Content-Type: application/json" -d '{"email": "test@example.com", "password": "12341234"}' http://localhost:3000/v1/login 25 | 26 | >> {"email":"test@example.com","username":"testuser","token_type":"Bearer","user_id":12,"access_token":"12:cccyXLZ7o_XpK6MxU_Bt"} 27 | ``` 28 | 29 | #### Create Story - stories#create 30 | ```bash 31 | curl -X POST -H "Content-type: application/json" -H "Authorization: 12:cccyXLZ7o_XpK6MxU_Bt" -d '{ "story": { "title": "Test Title", "body": "blah blah blah blah blah blah blah" } }' http://localhost:3000/v1/stories 32 | 33 | >> {"story":{"title":"Test Title","body":"blah blah blah blah blah blah blah","created_at":"2015-08-20T19:43:07.701Z","abstract":"blah blah blah blah blah blah blah","id":11,"user":{"username":"testuser"}}} 34 | ``` 35 | 36 | #### Show Story - stories#show 37 | ```bash 38 | curl -X GET -H "Content-type: application/json" -H "Authorization: 12:cccyXLZ7o_XpK6MxU_Bt" http://localhost:3000/v1/stories/11 39 | 40 | >> {"story":{"title":"Test Title","body":"blah blah blah blah blah blah blah","created_at":"2015-08-20T19:43:07.701Z","abstract":"blah blah blah blah blah blah blah","id":11,"user":{"username":"testuser"}}} 41 | ``` 42 | 43 | #### All Stories - stories#index 44 | ```bash 45 | curl -X GET -H "Content-type: application/json" -H "Authorization: 12:cccyXLZ7o_XpK6MxU_Bt" http://localhost:3000/v1/stories/ 46 | 47 | >> {"stories":[{"title":"Test Title","created_at":"2015-08-20T19:43:07.701Z","abstract":"blah blah blah blah blah blah blah","id":11,"user":{"username":"testuser"}},{"title":"Direct Communications Manager","created_at":"2015-08-20T17:43:14.845Z","abstract":"Dignissimos quidem voluptas beatae voluptatibus. Nihil dolorem eveniet maxime. Ex aut sapiente laborum vel temporibus tempora nobis. Qui magnam repudiandae ut et. Et minus quia dolorum illo esse. Ut ad","id":10,"user":{"username":"gino_huel"}},{"title":"Senior Creative Assistant","created_at":"2015-08-20T17:43:14.840Z","abstract":"Consequuntur enim nulla. Velit nihil ipsum voluptates nulla aperiam commodi qui. Voluptatem in enim. Placeat voluptate sed et culpa non molestias. Ut et nihil aut iure exercitationem. Ut laborum quia r","id":9,"user":{"username":"ali.keler"}},{"title":"National Interactions Executive","created_at":"2015-08-20T17:43:14.837Z","abstract":"Impedit voluptatem reiciendis est provident quia aut fugit. Officia enim voluptas dignissimos tempora inventore quia possimus. Perferendis eos enim veritatis aspernatur ut. Sed placeat nihil. Suscipit ","id":8,"user":{"username":"ethel.weimann"}},{"title":"Senior Branding Developer","created_at":"2015-08-20T17:43:14.832Z","abstract":"Ut consequatur et ex fuga. Cumque dicta rem vel numquam tempora voluptas ut. Molestiae voluptas qui minima non. Laborum voluptatem consequatur velit sed. Eum eos id. Eum aliquid et iusto non. Asperiore","id":7,"user":{"username":"ali.keler"}},{"title":"Dynamic Metrics Engineer","created_at":"2015-08-20T17:43:14.828Z","abstract":"Ut dignissimos modi aut non. Eaque excepturi ipsa eligendi. Pariatur dolor cupiditate. Libero tenetur hic labore esse. Est amet praesentium quia corporis. Consequatur illum numquam similique deleniti r","id":6,"user":{"username":"ali.keler"}},{"title":"National Branding Specialist","created_at":"2015-08-20T17:43:14.824Z","abstract":"Porro omnis beatae. Omnis magnam quae. Iusto molestias cupiditate architecto consequuntur aut. Saepe placeat in odit eum quaerat commodi molestiae. Modi adipisci corrupti dolores sit vel atque. Magni m","id":5,"user":{"username":"margaretta"}},{"title":"National Interactions Technician","created_at":"2015-08-20T17:43:14.820Z","abstract":"Ipsum nesciunt id autem quas quaerat eum et. Ipsa non est fugiat adipisci. Suscipit facere explicabo consequatur. Eos ducimus corrupti. Ut voluptates nemo veritatis beatae sint. Ratione at quasi eos ma","id":4,"user":{"username":"ethel.weimann"}},{"title":"Internal Intranet Producer","created_at":"2015-08-20T17:43:14.816Z","abstract":"Dolor dolorum omnis eum maxime. Aut necessitatibus aut aspernatur. Nesciunt et provident laudantium explicabo expedita voluptatem distinctio. Iste aperiam veniam veritatis ex incidunt voluptas quisquam","id":3,"user":{"username":"abdullah"}},{"title":"Human Data Engineer","created_at":"2015-08-20T17:43:14.810Z","abstract":"Sapiente architecto unde explicabo sit tempora. Est quia eveniet cumque. Pariatur aut cupiditate qui. Dolor vitae harum eum quia voluptatum consequuntur omnis. Tenetur quasi et. A ut dolores. Amet reru","id":2,"user":{"username":"dawn"}},{"title":"International Optimization Technician","created_at":"2015-08-20T17:43:14.805Z","abstract":"Totam vitae harum reiciendis iste quod. Eum sapiente dolore consequatur et quod molestiae. A laboriosam rem et. Odio rerum perspiciatis quia architecto illum. Et eos eaque nemo. Voluptas eaque voluptat","id":1,"user":{"username":"daphnee"}}]} 48 | ``` 49 | 50 | 51 | # MIT License 52 | 53 | Copyright (c) 2015 Fancy Pixel. All rights reserved. 54 | 55 | Permission is hereby granted, free of charge, to any person obtaining a 56 | copy of this software and associated documentation files (the "Software"), 57 | to deal in the Software without restriction, including 58 | without limitation the rights to use, copy, modify, merge, publish, 59 | distribute, sublicense, and/or sell copies of the Software, and to 60 | permit persons to whom the Software is furnished to do so, subject to 61 | the following conditions: 62 | 63 | The above copyright notice and this permission notice shall be included 64 | in all copies or substantial portions of the Software. 65 | 66 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 67 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 68 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 69 | IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 70 | CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 71 | TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 72 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 73 | 74 | -------------------------------------------------------------------------------- /config/initializers/devise.rb: -------------------------------------------------------------------------------- 1 | # Use this hook to configure devise mailer, warden hooks and so forth. 2 | # Many of these configuration options can be set straight in your model. 3 | Devise.setup do |config| 4 | # The secret key used by Devise. Devise uses this key to generate 5 | # random tokens. Changing this key will render invalid all existing 6 | # confirmation, reset password and unlock tokens in the database. 7 | # config.secret_key = '5314bea3cb29e46c6c044d3a7fb69155e8dd4032ff9891a86bec0ba0397f6b2e23ff82299d775e86b8cf93cdfcb6f91822c2d6aea19c24056eb04489b3d17ca9' 8 | 9 | # ==> Mailer Configuration 10 | # Configure the e-mail address which will be shown in Devise::Mailer, 11 | # note that it will be overwritten if you use your own mailer class 12 | # with default "from" parameter. 13 | config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com' 14 | 15 | # Configure the class responsible to send e-mails. 16 | # config.mailer = 'Devise::Mailer' 17 | 18 | # ==> ORM configuration 19 | # Load and configure the ORM. Supports :active_record (default) and 20 | # :mongoid (bson_ext recommended) by default. Other ORMs may be 21 | # available as additional gems. 22 | require 'devise/orm/active_record' 23 | 24 | # ==> Configuration for any authentication mechanism 25 | # Configure which keys are used when authenticating a user. The default is 26 | # just :email. You can configure it to use [:username, :subdomain], so for 27 | # authenticating a user, both parameters are required. Remember that those 28 | # parameters are used only when authenticating and not when retrieving from 29 | # session. If you need permissions, you should implement that in a before filter. 30 | # You can also supply a hash where the value is a boolean determining whether 31 | # or not authentication should be aborted when the value is not present. 32 | # config.authentication_keys = [ :email ] 33 | 34 | # Configure parameters from the request object used for authentication. Each entry 35 | # given should be a request method and it will automatically be passed to the 36 | # find_for_authentication method and considered in your model lookup. For instance, 37 | # if you set :request_keys to [:subdomain], :subdomain will be used on authentication. 38 | # The same considerations mentioned for authentication_keys also apply to request_keys. 39 | # config.request_keys = [] 40 | 41 | # Configure which authentication keys should be case-insensitive. 42 | # These keys will be downcased upon creating or modifying a user and when used 43 | # to authenticate or find a user. Default is :email. 44 | config.case_insensitive_keys = [ :email ] 45 | 46 | # Configure which authentication keys should have whitespace stripped. 47 | # These keys will have whitespace before and after removed upon creating or 48 | # modifying a user and when used to authenticate or find a user. Default is :email. 49 | config.strip_whitespace_keys = [ :email ] 50 | 51 | # Tell if authentication through request.params is enabled. True by default. 52 | # It can be set to an array that will enable params authentication only for the 53 | # given strategies, for example, `config.params_authenticatable = [:database]` will 54 | # enable it only for database (email + password) authentication. 55 | # config.params_authenticatable = true 56 | 57 | # Tell if authentication through HTTP Auth is enabled. False by default. 58 | # It can be set to an array that will enable http authentication only for the 59 | # given strategies, for example, `config.http_authenticatable = [:database]` will 60 | # enable it only for database authentication. The supported strategies are: 61 | # :database = Support basic authentication with authentication key + password 62 | # config.http_authenticatable = false 63 | 64 | # If 401 status code should be returned for AJAX requests. True by default. 65 | # config.http_authenticatable_on_xhr = true 66 | 67 | # The realm used in Http Basic Authentication. 'Application' by default. 68 | # config.http_authentication_realm = 'Application' 69 | 70 | # It will change confirmation, password recovery and other workflows 71 | # to behave the same regardless if the e-mail provided was right or wrong. 72 | # Does not affect registerable. 73 | # config.paranoid = true 74 | 75 | # By default Devise will store the user in session. You can skip storage for 76 | # particular strategies by setting this option. 77 | # Notice that if you are skipping storage for all authentication paths, you 78 | # may want to disable generating routes to Devise's sessions controller by 79 | # passing skip: :sessions to `devise_for` in your config/routes.rb 80 | config.skip_session_storage = [:http_auth] 81 | 82 | # By default, Devise cleans up the CSRF token on authentication to 83 | # avoid CSRF token fixation attacks. This means that, when using AJAX 84 | # requests for sign in and sign up, you need to get a new CSRF token 85 | # from the server. You can disable this option at your own risk. 86 | # config.clean_up_csrf_token_on_authentication = true 87 | 88 | # ==> Configuration for :database_authenticatable 89 | # For bcrypt, this is the cost for hashing the password and defaults to 10. If 90 | # using other encryptors, it sets how many times you want the password re-encrypted. 91 | # 92 | # Limiting the stretches to just one in testing will increase the performance of 93 | # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use 94 | # a value less than 10 in other environments. Note that, for bcrypt (the default 95 | # encryptor), the cost increases exponentially with the number of stretches (e.g. 96 | # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). 97 | config.stretches = Rails.env.test? ? 1 : 10 98 | 99 | # Setup a pepper to generate the encrypted password. 100 | # config.pepper = '95632692a19f740f10f6732ba9c949aaed61653145d2a495617b06ff3b732072a253d1ce46ed81002b4249543a720ede833a8bbb0c404c2ef2b1731730125725' 101 | 102 | # ==> Configuration for :confirmable 103 | # A period that the user is allowed to access the website even without 104 | # confirming their account. For instance, if set to 2.days, the user will be 105 | # able to access the website for two days without confirming their account, 106 | # access will be blocked just in the third day. Default is 0.days, meaning 107 | # the user cannot access the website without confirming their account. 108 | # config.allow_unconfirmed_access_for = 2.days 109 | 110 | # A period that the user is allowed to confirm their account before their 111 | # token becomes invalid. For example, if set to 3.days, the user can confirm 112 | # their account within 3 days after the mail was sent, but on the fourth day 113 | # their account can't be confirmed with the token any more. 114 | # Default is nil, meaning there is no restriction on how long a user can take 115 | # before confirming their account. 116 | # config.confirm_within = 3.days 117 | 118 | # If true, requires any email changes to be confirmed (exactly the same way as 119 | # initial account confirmation) to be applied. Requires additional unconfirmed_email 120 | # db field (see migrations). Until confirmed, new email is stored in 121 | # unconfirmed_email column, and copied to email column on successful confirmation. 122 | config.reconfirmable = true 123 | 124 | # Defines which key will be used when confirming an account 125 | # config.confirmation_keys = [ :email ] 126 | 127 | # ==> Configuration for :rememberable 128 | # The time the user will be remembered without asking for credentials again. 129 | # config.remember_for = 2.weeks 130 | 131 | # Invalidates all the remember me tokens when the user signs out. 132 | config.expire_all_remember_me_on_sign_out = true 133 | 134 | # If true, extends the user's remember period when remembered via cookie. 135 | # config.extend_remember_period = false 136 | 137 | # Options to be passed to the created cookie. For instance, you can set 138 | # secure: true in order to force SSL only cookies. 139 | # config.rememberable_options = {} 140 | 141 | # ==> Configuration for :validatable 142 | # Range for password length. 143 | config.password_length = 8..128 144 | 145 | # Email regex used to validate email formats. It simply asserts that 146 | # one (and only one) @ exists in the given string. This is mainly 147 | # to give user feedback and not to assert the e-mail validity. 148 | # config.email_regexp = /\A[^@]+@[^@]+\z/ 149 | 150 | # ==> Configuration for :timeoutable 151 | # The time you want to timeout the user session without activity. After this 152 | # time the user will be asked for credentials again. Default is 30 minutes. 153 | # config.timeout_in = 30.minutes 154 | 155 | # If true, expires auth token on session timeout. 156 | # config.expire_auth_token_on_timeout = false 157 | 158 | # ==> Configuration for :lockable 159 | # Defines which strategy will be used to lock an account. 160 | # :failed_attempts = Locks an account after a number of failed attempts to sign in. 161 | # :none = No lock strategy. You should handle locking by yourself. 162 | # config.lock_strategy = :failed_attempts 163 | 164 | # Defines which key will be used when locking and unlocking an account 165 | # config.unlock_keys = [ :email ] 166 | 167 | # Defines which strategy will be used to unlock an account. 168 | # :email = Sends an unlock link to the user email 169 | # :time = Re-enables login after a certain amount of time (see :unlock_in below) 170 | # :both = Enables both strategies 171 | # :none = No unlock strategy. You should handle unlocking by yourself. 172 | # config.unlock_strategy = :both 173 | 174 | # Number of authentication tries before locking an account if lock_strategy 175 | # is failed attempts. 176 | # config.maximum_attempts = 20 177 | 178 | # Time interval to unlock the account if :time is enabled as unlock_strategy. 179 | # config.unlock_in = 1.hour 180 | 181 | # Warn on the last attempt before the account is locked. 182 | # config.last_attempt_warning = true 183 | 184 | # ==> Configuration for :recoverable 185 | # 186 | # Defines which key will be used when recovering the password for an account 187 | # config.reset_password_keys = [ :email ] 188 | 189 | # Time interval you can reset your password with a reset password key. 190 | # Don't put a too small interval or your users won't have the time to 191 | # change their passwords. 192 | config.reset_password_within = 6.hours 193 | 194 | # ==> Configuration for :encryptable 195 | # Allow you to use another encryption algorithm besides bcrypt (default). You can use 196 | # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1, 197 | # :authlogic_sha512 (then you should set stretches above to 20 for default behavior) 198 | # and :restful_authentication_sha1 (then you should set stretches to 10, and copy 199 | # REST_AUTH_SITE_KEY to pepper). 200 | # 201 | # Require the `devise-encryptable` gem when using anything other than bcrypt 202 | # config.encryptor = :sha512 203 | 204 | # ==> Scopes configuration 205 | # Turn scoped views on. Before rendering "sessions/new", it will first check for 206 | # "users/sessions/new". It's turned off by default because it's slower if you 207 | # are using only default views. 208 | # config.scoped_views = false 209 | 210 | # Configure the default scope given to Warden. By default it's the first 211 | # devise role declared in your routes (usually :user). 212 | # config.default_scope = :user 213 | 214 | # Set this configuration to false if you want /users/sign_out to sign out 215 | # only the current scope. By default, Devise signs out all scopes. 216 | # config.sign_out_all_scopes = true 217 | 218 | # ==> Navigation configuration 219 | # Lists the formats that should be treated as navigational. Formats like 220 | # :html, should redirect to the sign in page when the user does not have 221 | # access, but formats like :xml or :json, should return 401. 222 | # 223 | # If you have any extra navigational formats, like :iphone or :mobile, you 224 | # should add them to the navigational formats lists. 225 | # 226 | # The "*/*" below is required to match Internet Explorer requests. 227 | # config.navigational_formats = ['*/*', :html] 228 | 229 | # The default HTTP method used to sign out a resource. Default is :delete. 230 | config.sign_out_via = :delete 231 | 232 | # ==> OmniAuth 233 | # Add a new OmniAuth provider. Check the wiki for more information on setting 234 | # up on your models and hooks. 235 | # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo' 236 | 237 | # ==> Warden configuration 238 | # If you want to use other strategies, that are not supported by Devise, or 239 | # change the failure app, you can configure them inside the config.warden block. 240 | # 241 | # config.warden do |manager| 242 | # manager.intercept_401 = false 243 | # manager.default_strategies(scope: :user).unshift :some_external_strategy 244 | # end 245 | 246 | # ==> Mountable engine configurations 247 | # When using Devise inside an engine, let's call it `MyEngine`, and this engine 248 | # is mountable, there are some extra configurations to be taken into account. 249 | # The following options are available, assuming the engine is mounted as: 250 | # 251 | # mount MyEngine, at: '/my_engine' 252 | # 253 | # The router that invoked `devise_for`, in the example above, would be: 254 | # config.router_name = :my_engine 255 | # 256 | # When using omniauth, Devise cannot automatically set Omniauth path, 257 | # so you need to do it manually. For the users scope, it would be: 258 | # config.omniauth_path_prefix = '/my_engine/users/auth' 259 | end 260 | --------------------------------------------------------------------------------