API authentication

The rundown

In creating a consumable REST API, authenticating users is a must. I'm using the rails-api gem, which removes a lot of the extra rails components you have no need for in an API-only application. The API will be consumed by a separate web app (powered by Ember JS in this case), or mobile application.

The problem

I'm going to say it. I really wanted to use Devise to handle my authentication. It has most everything you could want built right in. Others, such as Omni-Auth support to handle Google and Facebook, are easily added. All in all, Devise is a great solution if you're running a full blown rails app. When using the rails-api gem, it seemed as if I was fighting Devise every step of the way, and spending way too much time doing so. In the end, I decided to ditch Devise for this API.

Luckily, I found this great resource from Eric Berry that was an excellent start for me. You can find my project (changes / features are listed on the GitHub project page), as well as a few resources I found along the way, below.

Excellent resources

GitHub project

You can find the project on GitHub. It's using Unicorn, and ready to be deployed to Heroku.

If you see anything I did blatantly wrong, I'd love to hear about and learn from it!

Share Comment on Twitter