Can't Authenticate via cURL

[dyaa]

I'm trying to test the api access via PostMan Client on Chrome with BasicAuth and it return

Get http://192.168.10.111:3000/api/auth/sign_in with username and password.

Unknown action
The action 'new' could not be found for DeviseTokenAuth::SessionsController

also when i'm trying to get 192.168.10.111:3000/api/v1/blogs/ it respond with

{"errors": ["Authorized users only."]}

All this issues are the same when using cURL.

[vs-zhang]

When u look at the DeviseTokenAuth::SessionsController, there's not new action. I don't know why get /api/auth/sign_in should exists, but u can use the post api/auth/sign_in that call the create function in the DeviseTokenAuth::SessionsController.

[lynndylanhurley]

@dyaa - I'll look into disabling the get route for sign_in.

When using curl, you will need to send the correct auth headers for restricted routes. Otherwise you will get the Authorized users only error that you're seeing.

[lynndylanhurley]

@dyaa - I just read your issue more carefully. The new route isn't used by this gem. In standard devise, the new route is used for rendering the form's html page. This gem expects the form to be rendered by a front-end SPA (angualrjs, backbone, etc.).

I would like to disable the route completely, but according to this SO post, removing it will be more trouble than it's worth.

Let me know if the existence of the route is causing any serious problems, otherwise I'm closing this issue.