0

I'm trying to build a RESTful API using ruby and its RESTful routes. I am completely new to ruby (this is my first project) and am finding it has a very steep learning curve. I have tried to generate a simple user model and am attempting to create a CRUD example with it. Currently I am stuck on creating the user object inside the controller from a posted json object. I have implemented my own create method and am trying to have it echo back the json object that I post to it. For some reason all I get is a 404 back and a page that shows my routs. Here is the model, controller, routes file and migration file that I used to implement the API, why doesn't it work as expected?

user model:

#the user model
class User < ActiveRecord::Base
  validates :password, :email, :first_name, :last_name, :presence =>true
  validates_uniqueness_of :email

end

db migration file:

#migration file
class CreateUsers < ActiveRecord::Migration
  def change
    create_table :users do |t|
      t.string :last_name, :null => false
      t.string :email, :null => false
      t.string :first_name, :null => false
      t.string :password, :null => false

      t.timestamps
    end
  end
end

Routes File:

Rails.application.routes.draw do

  # Define api routes for user
  namespace :api do
   resources :user, :defaults => { :format => 'json' }
  end
end

user controllers file:

#user controller 
class UserController < ApplicationController
  def create
    puts params
  end
end

What am I doing wrong? Why isn't my post object being displayed to the console?

ScottOBot
  • 839
  • 3
  • 16
  • 37
  • is user_controller.rb in app/controllers/api folder ? – nyzm Jun 17 '14 at 03:17
  • I put the controller in the api folder I now get a 500 internal server error @nyzm – ScottOBot Jun 17 '14 at 03:31
  • This is the new error that I am getting: `Started POST "/api/user.json" for 174.112.216.92 at 2014-06-17 03:53:56 +0000 Processing by Api::UserController#create as JSON Parameters: {"test"=>"test", "user"=>{}} Can't verify CSRF token authenticity Completed 422 Unprocessable Entity in 1ms` – ScottOBot Jun 17 '14 at 03:56
  • it seems to be processing something it throws a 422 and I can't seem to figure out why @nyzm – ScottOBot Jun 17 '14 at 03:58
  • check this out : http://stackoverflow.com/questions/7203304/warning-cant-verify-csrf-token-authenticity-rails – nyzm Jun 17 '14 at 04:02

2 Answers2

0

In the create action in your users controller, try redirecting to another page or rendering another view. I believe that will get rid of the routing errors.

class UserController < ApplicationController
  def create
    puts params
    redirect_to(another_page)
  end
end
Xerif917
  • 132
  • 2
  • 10
0

The easiest way is to put this line into your controller.

class UserController < ApplicationController
  skip_before_filter  :verify_authenticity_token
  def create
    puts params
  end
end

As you are newbee so not for getting stuck into one thing use above method. And for details see this link

And also check your permitted params.

Another solution to CSRF token is to pass it in headers like:

headers: {
  'X-Transaction': 'POST Example',
  'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
}
Community
  • 1
  • 1
Abdul Baig
  • 3,683
  • 3
  • 21
  • 48
  • Can you explain to me why CSRF token is needed? @G.B – ScottOBot Jun 17 '14 at 16:26
  • it is required for security purposes. for details see http://guides.rubyonrails.org/security.html#cross-site-request-forgery-csrf and http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html – Abdul Baig Jun 17 '14 at 16:41