POST to /admin/users/:user_id/generate_api_key.json says route does not exist


(Stephen Birarda) #1

I want to be able to create an API key for the user to pass down to our application so that they can create posts from the application. I’ve figured out how to add users via the REST api (using the honeypot values) but can’t seem to use the generate_api_key method in the Admin::UsersController.

It’s telling me the route doesn’t exist, but I’ve verified that it definitely does by looking at the request made from chrome when clicking on “Generate API key” for that user - although that request uses the CSRF token.

Is it possible to POST to the same API via JSON with a master API key?

Started POST "/admin/users/8/generate_api_key.json?api_key=a246e85e1334501c7dcd0ef731162466eea0ad1d11733690c5a36a21c3c21377" for 127.0.0.1 at 2014-02-27 14:40:16 -0800
ApiKey Load (1.1ms) SELECT "api_keys".* FROM "api_keys" WHERE "api_keys"."key" = 'a246e85e1334501c7dcd0ef731162466eea0ad1d11733690c5a36a21c3c21377' ORDER BY "api_keys"."id" ASC LIMIT 1

ActionController::RoutingError (No route matches [POST] "/admin/users/8/generate_api_key.json"):
config/initializers/quiet_logger.rb:10:in call_with_quiet_assets'
config/initializers/silence_logger.rb:19:incall'
lib/middleware/missing_avatars.rb:21:in call'
lib/middleware/turbo_dev.rb:32:incall'

(Sam Saffron) #2

The API keys should allow you access to any route including admin routes, in fact I do so in ruby bench so know it should work.


(Stephen Birarda) #3

I will have to test again - it’s possible I was trying this with a bad API key.


(Stephen Birarda) #4

Still getting this issue against HEAD.

With a valid master API key, the server throws the following error.

Started POST "/admin/users/2/generate_api_key.json?api_key=00b0301d4cef27fd56c1fb4742855beaf3accf6e466d26abc8ffa0b9414bac5d" for 127.0.0.1 at 2014-03-28 09:46:31 -0700
  ApiKey Load (1.0ms)  SELECT "api_keys".* FROM "api_keys" WHERE "api_keys"."key" = '00b0301d4cef27fd56c1fb4742855beaf3accf6e466d26abc8ffa0b9414bac5d' ORDER BY "api_keys"."id" ASC LIMIT 1

ActionController::RoutingError (No route matches [POST] "/admin/users/2/generate_api_key.json"):
  config/initializers/quiet_logger.rb:10:in `call_with_quiet_assets'
  config/initializers/silence_logger.rb:19:in `call'
  lib/middleware/missing_avatars.rb:21:in `call'
  lib/middleware/turbo_dev.rb:32:in `call'

(Stephen Birarda) #5

@sam any update on this? We’re circling back on trying to add a feature that requires this to work.


(Sam Saffron) #6

You need to always specify an api_username, otherwise api_key will be ignored.


(Stephen Birarda) #7

Finally! I could have sworn that adding users via the API was possible without the api_username parameter. Odd.


(Jeff Atwood) #8

This topic was automatically closed after 24 hours. New replies are no longer allowed.