How to integrate Devise REST API Login with lockable

Question

I'm using Devise with lockable as login system in my application. It works fine with server generated pages.

Now i am creating single page application endpoint with AngularJS (REST API). Login works fine but when I do fail to login then failed_attempts doesn't increment and lockable doesn't work.

What should I do to enable lockable support in my logging in via REST API.

My action (REST API)

def login
  user = UserService.get_user_by_email params[:login]

  if UserService.user_password_is_valid? user, params[:password]
    sign_in :user, user
    render_json({
      success: true
    })
  else
     render_json({
      success: false
     })
  end
end

How can i make lockable work with REST Api?

A google search would have revealed [this guide](https://github.com/plataformatec/devise/wiki/How-To:-Add-:lockable-to-Users). — 31piy, Mar 06 '17 at 08:49
I know that article, but when i do failure login then failed_attempts dont increment and lockable dont work in my case — kalit, Mar 06 '17 at 08:53

score 1 · Answer 1 · answered Nov 26 '18 at 17:01

1

Try this.

if user.valid_for_authentication?{user.valid_password?(params[:password])}

answered Nov 26 '18 at 17:01

kabaken

41
3

This does increment the `failed_attempts` field & updates the `locked_at` field as expected. This answer, along with the [docs](https://www.rubydoc.info/github/plataformatec/devise/Devise/Models/Lockable) should be enough to write customized lockable support – Jay Dorsey Apr 09 '19 at 13:39

How to integrate Devise REST API Login with lockable

1 Answers1