gonzalo-bulnes/simple_token_authentication

Gem doesn't protect data?

Opened this issue · 0 comments

wolf-hub commented

i have installed this gem and have done configuration as are described in docs. But i wonder that this gem doesn't protect data. I imagine that i should do api request with valid email + token in header and get response with data and if email or token are wrong then i should get error in response, but i all time get Ok response. For example here of my simple controller:

class Api::V1::PropertiesController < ApplicationController
	acts_as_token_authentication_handler_for User	
	respond_to :json

	def index
		properties = Property.all
		respond_with properties
	end
end

and even with invalid data i get properties in server response. Why? Do i miss something or it is incorrect work of the gem?