rails-api-template

A template for starting projects with rails-api. Includes authentication.

At the beginning of each cohort, update the versions in Gemfile.

Dependencies

Install with bundle install.

• rails-api
• rails
• active_model_serializers
• ruby
• postgres

Until Rails 5 is released, this template should follow the most recent released version of Rails 4, as well as track master branches for rails-api and active_model_serializers.

Installation

1. Download this template.
2. Unzip and rename the template directory.
3. Empty README.md and fill with your own content.
4. Move into the new project and git init.
5. Install dependencies with bundle install.
6. Rename your app module in config/application.rb (change RailsApiTemplate).
7. Rename your project database in config/database.yml (change 'rails-api-template').
8. Create a .env for sensitive settings (touch .env).
9. Generate new development and test secrets (bundle exec rake secret).
10. Store them in .env with keys SECRET_KEY_BASE_<DEVELOPMENT|TEST> respectively.
11. In order to make requests to your deployed API, you will need to set SECRET_KEY_BASE in the environment of the production API (using heroku config:set or the Heroku dashboard).
12. In order to make requests from your deployed client application, you will need to set CLIENT_ORIGIN in the environment of the production API (e.g. heroku config:set CLIENT_ORIGIN https://<github-username>.github.io).
13. Setup your database with bin/rake db:nuke_pave or bundle exec rake db:nuke_pave.
14. Run the API server with bin/rails server or bundle exec rails server.

Structure

This template follows the standard project structure in Rails 4.

curl command scripts are stored in scripts with names that correspond to API actions.

User authentication is built-in.

Tasks

Developers should run these often!

• bin/rake routes lists the endpoints available in your API.
• bin/rake test runs automated tests.
• bin/rails console opens a REPL that pre-loads the API.
• bin/rails db opens your database client and loads the correct database.
• bin/rails server starts the API.
• scripts/*.sh run various curl commands to test the API. See below.

API

Use this as the basis for your own API documentation. Add a new third-level heading for your custom entities, and follow the pattern provided for the built-in user authentication documentation.

Scripts are included in scripts to test built-in actions. Add your own scripts to test your custom API. As an alternative, you can write automated tests in RSpec to test your API.

Authentication

POST /sign-up

Request:

curl http://localhost:4741/sign-up \
  --include \
  --request POST \
  --header "Content-Type: application/json" \
  --data '{
    "credentials": {
      "email": "'"${EMAIL}"'",
      "password": "'"${PASSWORD}"'",
      "password_confirmation": "'"${PASSWORD}"'"
    }
  }'

EMAIL=ava@bob.com PASSWORD=hannah scripts/sign-up.sh

Response:

HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8

{
  "user": {
    "id": 1,
    "email": "ava@bob.com"
  }
}

POST /sign-in

Request:

curl http://localhost:4741/sign-in \
  --include \
  --request POST \
  --header "Content-Type: application/json" \
  --data '{
    "credentials": {
      "email": "'"${EMAIL}"'",
      "password": "'"${PASSWORD}"'"
    }
  }'

EMAIL=ava@bob.com PASSWORD=hannah scripts/sign-in.sh

Response:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
  "user": {
    "id": 1,
    "email": "ava@bob.com",
    "token": "BAhJIiVlZDIwZTMzMzQzODg5NTBmYjZlNjRlZDZlNzYxYzU2ZAY6BkVG--7e7f77f974edcf5e4887b56918f34cd9fe293b9f"
  }
}

PATCH /change-password/:id

Request:

curl --include --request PATCH "http://localhost:4741/change-password/$ID" \
  --header "Authorization: Token token=$TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "passwords": {
      "old": "'"${OLDPW}"'",
      "new": "'"${NEWPW}"'"
    }
  }'

ID=1 OLDPW=hannah NEWPW=elle TOKEN=BAhJIiVlZDIwZTMzMzQzODg5NTBmYjZlNjRlZDZlNzYxYzU2ZAY6BkVG--7e7f77f974edcf5e4887b56918f34cd9fe293b9f scripts/change-password.sh

Response:

HTTP/1.1 204 No Content

DELETE /sign-out/:id

Request:

curl http://localhost:4741/sign-out/$ID \
  --include \
  --request DELETE \
  --header "Authorization: Token token=$TOKEN"

ID=1 TOKEN=BAhJIiVlZDIwZTMzMzQzODg5NTBmYjZlNjRlZDZlNzYxYzU2ZAY6BkVG--7e7f77f974edcf5e4887b56918f34cd9fe293b9f scripts/sign-out.sh

Response:

HTTP/1.1 204 No Content

Users

GET /users

Request:

curl http://localhost:4741/users \
  --include \
  --request GET \
  --header "Authorization: Token token=$TOKEN"

TOKEN=BAhJIiVlZDIwZTMzMzQzODg5NTBmYjZlNjRlZDZlNzYxYzU2ZAY6BkVG--7e7f77f974edcf5e4887b56918f34cd9fe293b9f scripts/users.sh

Response:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
  "users": [
    {
      "id": 2,
      "email": "bob@ava.com"
    },
    {
      "id": 1,
      "email": "ava@bob.com"
    }
  ]
}

GET /users/:id

Request:

curl --include --request GET http://localhost:4741/users/$ID \
  --header "Authorization: Token token=$TOKEN"

ID=2 TOKEN=BAhJIiVlZDIwZTMzMzQzODg5NTBmYjZlNjRlZDZlNzYxYzU2ZAY6BkVG--7e7f77f974edcf5e4887b56918f34cd9fe293b9f scripts/user.sh

Response:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
  "user": {
    "id": 2,
    "email": "bob@ava.com"
  }
}

Reset Database without dropping

This is not a task developers should run often, but it is sometimes necessary.

locally

bin/rake db:migrate VERSION=0
bin/rake db:migrate db:seed db:examples

heroku

heroku run rake db:migrate VERSION=0
heroku run rake db:migrate db:seed db:examples

License

1. All content is licensed under a CC­BY­NC­SA 4.0 license.
2. All software code is licensed under GNU GPLv3. For commercial use or alternative licensing, please contact legal@ga.co.