Invent 401 Returning the Right Login Using a User Session Controller

I'm having some problems with the design and creation of user session controllers.

I am creating an application and I want json to be the only login form. So here is what I have done so far.

Session Controller

class SessionsController < Devise::SessionsController # Create operation should login the user and respond with json status def create resource = warden.authenticate!(:scope => resource_name, :recall => "sessions#failure") sign_in(resource_name, resource) respond_to do | format | format.json { render :json => { :success => true, :user => resource }, :status => 200 } end end def failure return render :status => 401, :json => {:success => false, :errors => ["Login failed."]} end end 

Session Routes:

  devise_for :users, :controllers => {:sessions => "sessions"}, :skip => [:sessions] do get '/login' => 'sessions#new', :as => :new_user_session post '/login' => 'sessions#create', :as => :user_session get '/logout' => 'sessions#destroy', :as => :destroy_user_session end 

The test I'm trying to run is:

 require 'spec_helper' describe SessionsController do include Devise::TestHelpers describe "POST 'create'" do describe "invalid signin" do before(:each) do @attr = { :email => " master_yoda@jedi.com ", :password => "invalid" } request.env["devise.mapping"] = Devise.mappings[:user] end it "should return an error" do post :create, :user => @attr, :format => :json puts @response.body end end end end 

Now when I run this test. I get an http response instead of json:

 #<ActionDispatch::Response:0x00000004cb8bb8> 

When I perform a curling operation through the command line to enter data

This is the command:

 curl -v -H "Accept: application/json" -H "Content-type: application/json" -X POST -d ' {"user":{"email":" aaa@blah.com ","password":"aaaaaaaaa"}}' http://192.168.202.128:3000/login 

The first execution sends 401, then subsequent executions send 200

Error:

 * About to connect() to 192.168.202.128 port 3000 (#0) * Trying 192.168.202.128... connected * Connected to 192.168.202.128 (192.168.202.128) port 3000 (#0) > POST /login HTTP/1.1 > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5 > Host: 192.168.202.128:3000 > Accept: application/json > Content-type: application/json > Content-Length: 57 > < HTTP/1.1 401 Unauthorized < Content-Type: application/json; charset=utf-8 < X-Ua-Compatible: IE=Edge < Cache-Control: no-cache < X-Runtime: 2.026670 < Content-Length: 44 < Server: WEBrick/1.3.1 (Ruby/1.9.2/2011-07-09) < Date: Mon, 10 Oct 2011 14:03:36 GMT < Connection: Keep-Alive < Set-Cookie: _styylt_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRkkiJWIxZDZiMmZkNTdlYTFkMzQ1MTRkZGZmNDA1NjljYzU5BjsAVA%3D%3D--fd27eebb575f61cf805b0f3ada4d2780fdc7f929; path=/; HttpOnly < * Connection #0 to host 192.168.202.128 left intact * Closing connection #0 {"success":false,"errors":["Login failed."]} 

Success:

 * About to connect() to 192.168.202.128 port 3000 (#0) * Trying 192.168.202.128... connected * Connected to 192.168.202.128 (192.168.202.128) port 3000 (#0) > POST /login HTTP/1.1 > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5 > Host: 192.168.202.128:3000 > Accept: application/json > Content-type: application/json > Content-Length: 57 > < HTTP/1.1 200 OK < Content-Type: application/json; charset=utf-8 < X-Ua-Compatible: IE=Edge < Etag: "c4da2521fa2f6c5721e7cf8d3c7626ce" < Cache-Control: max-age=0, private, must-revalidate < X-Runtime: 0.377351 < Content-Length: 71 < Server: WEBrick/1.3.1 (Ruby/1.9.2/2011-07-09) < Date: Mon, 10 Oct 2011 14:03:45 GMT < Connection: Keep-Alive < Set-Cookie: _styylt_session=BAh7B0kiGXdhcmRlbi51c2VyLnVzZXIua2V5BjoGRVRbCEkiCVVzZXIGOwBGWwZpCUkiIiQyYSQxMCRnUEJzRDZXSHNTYkk0RkZxSlNjV0cuBjsAVEkiD3Nlc3Npb25faWQGOwBGSSIlY2M2ZGEzMWY0ZDM2ZDc2NjRmNjdhN2I1MjQ4NmFlMTkGOwBU--8fec7bbcf648276f24e3c19a3ce0562060eeabb1; path=/; HttpOnly < * Connection #0 to host 192.168.202.128 left intact * Closing connection #0 {"success":true,"user":{"email":" aaa@blah.com ","username":"userblah2"}} - 8fec7bbcf648276f24e3c19a3ce0562060eeabb1; * About to connect() to 192.168.202.128 port 3000 (#0) * Trying 192.168.202.128... connected * Connected to 192.168.202.128 (192.168.202.128) port 3000 (#0) > POST /login HTTP/1.1 > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5 > Host: 192.168.202.128:3000 > Accept: application/json > Content-type: application/json > Content-Length: 57 > < HTTP/1.1 200 OK < Content-Type: application/json; charset=utf-8 < X-Ua-Compatible: IE=Edge < Etag: "c4da2521fa2f6c5721e7cf8d3c7626ce" < Cache-Control: max-age=0, private, must-revalidate < X-Runtime: 0.377351 < Content-Length: 71 < Server: WEBrick/1.3.1 (Ruby/1.9.2/2011-07-09) < Date: Mon, 10 Oct 2011 14:03:45 GMT < Connection: Keep-Alive < Set-Cookie: _styylt_session=BAh7B0kiGXdhcmRlbi51c2VyLnVzZXIua2V5BjoGRVRbCEkiCVVzZXIGOwBGWwZpCUkiIiQyYSQxMCRnUEJzRDZXSHNTYkk0RkZxSlNjV0cuBjsAVEkiD3Nlc3Npb25faWQGOwBGSSIlY2M2ZGEzMWY0ZDM2ZDc2NjRmNjdhN2I1MjQ4NmFlMTkGOwBU--8fec7bbcf648276f24e3c19a3ce0562060eeabb1; path=/; HttpOnly < * Connection #0 to host 192.168.202.128 left intact * Closing connection #0 {"success":true,"user":{"email":" aaa@blah.com ","username":"userblah2"}} 

I do not understand what I am doing wrong or what is happening here. I looked through most of the posts and cannot find a specific answer.

Hope someone can help :)

thanks