API login/logout with http header token

Gemfile

@@ -23,6 +23,7 @@ gem 'coffee-rails', '~> 4.2'
 gem 'simple_form'
 gem 'bootstrap', '~> 4.0.0.alpha3'
 gem "font-awesome-rails"
+gem 'rack-cors'
 
 #Report and Printing gems
 gem 'cups', '~> 0.0.7'

Gemfile.lock

@@ -107,6 +107,7 @@ GEM
       prawn (>= 1.3.0, < 3.0.0)
     puma (3.8.2)
     rack (2.0.1)
+    rack-cors (0.4.1)
     rack-test (0.6.3)
       rack (>= 1.0)
     rails (5.0.2)
@@ -224,6 +225,7 @@ DEPENDENCIES
   prawn
   prawn-table
   puma (~> 3.0)
+  rack-cors
   rails (~> 5.0.2)
   rspec-rails (~> 3.5)
   sass-rails (~> 5.0)

app/controllers/api/api_controller.rb

@@ -10,5 +10,4 @@ class Api::ApiController < ActionController::API
       return token
     end
   end
-
 end

app/controllers/api/authenticate_controller.rb

@@ -1,9 +1,36 @@
-class Api::AuthenticateController < ActionController::API
+class Api::AuthenticateController < Api::ApiController
+  skip_before_action  :authenticate
 
   def create
+    emp_id = params[:emp_id]
+    password = params[:password]
+
+    if emp_id && password
+      @employee = Employee.login(emp_id, password)
+
+      if @employee
+        render json: JSON.generate({:status => true, :session_token => @employee.token_session, :name => @employee.name, :role => @employee.role})
+      else
+        render json: JSON.generate({:status => false, :error_message => "Bad Emp_ID or Password."})
+      end
+    else
+      render json: JSON.generate({:status => false, :error_message => "Input Parameters missing."})
+
+    end
   end
 
   def destroy
+    logout_status = Employee.logout(params[:session_token])
+    if logout_status
+      render json: JSON.generate({:status => true})
+
+    else
+      render json: JSON.generate({:status => false, :error_message => "Session Token Invalid or Missing"})
+
+    end
   end
 
+  def authenticate_params
+    params.permit(:emp_id, :password, :session_token)
+  end
 end

app/controllers/api/restaurant/menu_controller.rb

@@ -1,4 +1,4 @@
-class Api::Restaurant::MenuController < ActionController::API
+class Api::Restaurant::MenuController < Api::ApiController
   before :authenticate_token
 
   #Description
@@ -7,7 +7,7 @@ class Api::Restaurant::MenuController < ActionController::API
   def index
     menu_detail()
   end
-  
+
   #Description
   # This API show current order details
   # Input Params - menu_id

app/controllers/api/restaurant/rooms_controller.rb

@@ -1,4 +1,4 @@
-class Api::Restaurant::RoomsController < ActionController::API
+class Api::Restaurant::RoomsController < Api::ApiController
   before_action :set_room, only: [:show]
 
   def index

app/controllers/api/restaurant/seatings_controller.rb

@@ -1,4 +1,4 @@
-class Api::Restaurant::SeatingsController < ActionController::API
+class Api::Restaurant::SeatingsController < Api::ApiController
   before_action :set_table, only: [:show]
 
   def index

app/controllers/api/restaurant/takeaway_controller.rb

@@ -1,4 +1,4 @@
-class Api::Restaurant::TakeawaysController < ActionController::API
+class Api::Restaurant::TakeawaysController < Api::ApiController
   def index
       render json: SeatTable.order("order_by")
   end

app/controllers/api/restaurant/zones_controller.rb

@@ -1,7 +1,7 @@
-class Api::Restaurant::ZonesController < ActionController::API
+class Api::Restaurant::ZonesController < Api::ApiController
 
   def index
       render json: Zone.includes([:tables, :rooms]).where("is_active = true")
   end
-  
+
 end

app/controllers/concerns/token_verification.rb

@@ -1,5 +1,6 @@
 module TokenVerification
   extend ActiveSupport::Concern
+  include ActionController::HttpAuthentication::Token::ControllerMethods
 
   included do
     before_action :authenticate
@@ -15,14 +16,9 @@ module TokenVerification
   def authenticate_token
     authenticate_with_http_token do |token, options|
       #@current_user = User.find_by(api_key: token)
-      @device_access = DeviceAccess.find_by_token(token)
-      if @device_access
-        @log = DeviceAccessLog.new
-        @log.device_access = @device_access
-        @log.api_route = request.env['PATH_INFO']
-        @log.remote_ip = request.remote_ip
-        # @log.client_info =
-        @log.save
+      @user = Employee.authenticate_token(token)
+      if @user
+        #Maybe log - login?
       end
 
     end

config/routes.rb

@@ -6,15 +6,15 @@ Rails.application.routes.draw do
   post 'install' =>  'install#create'
 
   #--------- Login/Authentication ------------#
-  post 'authenticate' => 'home#create'
-  delete 'authenticate' => 'home/destroy'
+  post 'login' => 'home#create'
+  delete 'logout' => 'home#destroy'
 
 
   #--------- API Routes ------------#
   namespace :api,  :defaults => { :format => 'json' } do
     #Session Login and Logout
-    post   'authenticate' => "autheticate#create"
-    delete 'authenticate' => "autheticate#destroy"
+    post   'authenticate' => "authenticate#create"
+    delete 'authenticate' => "authenticate#destroy"
 
     namespace :restaurant do
       get 'zones' => "zones#index"
@@ -35,7 +35,7 @@ Rails.application.routes.draw do
         resources :menu_items, only: [:index, :show]
         resources :menu_sold_out, only: [:index]
       end
-      
+
     end
 
     #Order Controller