#139 / deviseの設定（Rails）

Author: hasyrails

app/controllers/api/v1/auth/registrations_controller.rb

@@ -1,11 +1,13 @@
 module Api
   module V1
     module Auth
-      class RegistrationsController < DeviseTokenAuth::RegistrationsController
+      class RegistrationsController < ::DeviseTokenAuth::RegistrationsController
+
+        wrap_parameters format: []
 
         private
         def sign_up_params
-          params.permit(:name, :email, :password, :password_confirmation)
+          params.permit( :email, :name, :password, :password_confirmation)
         end
 
         def account_update_params

app/controllers/api/v1/devise_token_auth/sessions_controller.rb

@@ -0,0 +1,18 @@
+module Api
+  module V1
+    module DeviseTokenAuth
+      class SessionsController < ::DeviseTokenAuth::SessionsController
+        # Prevent session parameter from being passed
+        # Unpermitted parameter: session
+        wrap_parameters format: []
+
+        private
+
+        def sign_in_params
+          params.permit(:email, :password, :password_confirmation)
+        end
+      
+      end
+    end
+  end
+end

app/controllers/application_controller.rb

@@ -3,5 +3,8 @@ class ApplicationController < ActionController::Base
   # protect_from_forgery with: :null_session
   skip_before_action :verify_authenticity_token, if: :devise_controller?
 
-  
+  # def configure_permitted_parameters
+  #   devise_parameter_sanitizer.permit(:sign_up, keys: [:name, :email, :password, :password_confirmation])
+  #   devise_parameter_sanitizer.permit(:sign_in, keys: [:email, :password])
+  # end
 end

app/models/user.rb

@@ -7,4 +7,8 @@ class User < ActiveRecord::Base
          :recoverable, :rememberable, :validatable
         #  authentication_keys: [:login]
   include DeviseTokenAuth::Concerns::User
+
+  def token_validation_response
+    as_json(only: [:id, :email, :uid, :allow_password_change, :name, :nickname, :image])
+  end
 end

config/routes.rb

@@ -6,7 +6,8 @@
     resources :cards
     scope :v1 do
       mount_devise_token_auth_for 'User', at: 'auth', controllers: {
-          registrations: 'api/v1/auth/registrations'
+          registrations: 'api/v1/auth/registrations',
+          sessions: 'api/v1/devise_token_auth/sessions'
       }
     end
   end