could you please tell me - is it possible to disable warden/devise for one or more controllers/actions?
I need to allow requests with basic auth to one of controllers, but everytime i send similar requests i've seed message, that basi auth is not required for my app.
I'm writing oauth2 provider and its a problem to allow client applications to send his creadentials with basic auth as described here - https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-08#se开发者_如何转开发ction-2.
If you're doing before_filter :authenticate_user!
in your ApplicationController
, just do skip_before_filter :authenticate_user!
in the controllers where you want to disable Devise.
to answer your question directly -- if you don't want authentication for a particular controller, then simply omit or remove the 'before_filter :authenticate_user!statement in that controller. Similarly, if you want to do authentication for only certain methods in the controller, look at the
:onlyand
:exceptoptions to
before_filter`.
If you are looking to allow only http authentication for particular methods or controllers, then I believe to you have to override some of the devise methods to restrict to http auth only, since devise wants to be flexible by default and will allow http auth or session auth.
精彩评论