Installing Gems
Assuming you have an existing Rails API, run the following commands in the terminal:
bundle add devise devise-api
rails g devise:install && rails g devise user
rails g devise_api:install
Configure CORS
# Gemfile
gem 'rack-cors'
Modify cors.rb
# config/initializers/cors.rb
# Be sure to restart your server when you modify this file.
# Avoid CORS issues when API is called from the frontend app.
# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin Ajax requests.
# Read more: https://github.com/cyu/rack-cors
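Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    # "*" lets JavaScript on any website call this API. Acceptable for local
    # development; list the exact frontend origins before deploying.
    origins "*"
    resource "*",
      headers: :any,
      methods: [:get, :post, :put, :patch, :delete, :options, :head]
  end
end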
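A stricter variant of the initializer above, as an added example that is not part of the original tutorial: it reads an exact-origin allowlist from the environment, refuses wildcards at boot, and exposes only the routes this page uses. The `CorsAllowlist` module and the `CORS_ALLOWED_ORIGINS` variable name are assumptions made for the example.

```ruby
# config/initializers/cors.rb (added example, not the tutorial's own file)
require "uri"

module CorsAllowlist
  # Turns "https://app.example.com, http://localhost:5173" into an array of
  # exact origins. Raises instead of accepting "*", wildcard hosts, "null",
  # or anything with a path, so a bad value fails at boot.
  def self.parse(raw)
    origins = raw.to_s.split(",").map(&:strip).reject(&:empty?)
    raise ArgumentError, "no CORS origins configured" if origins.empty?

    origins.map do |origin|
      uri = begin
        URI.parse(origin)
      rescue URI::InvalidURIError
        nil
      end
      exact = uri.is_a?(URI::HTTP) && uri.host && !uri.host.include?("*") &&
              uri.path.empty? && uri.query.nil? && uri.fragment.nil? &&
              uri.userinfo.nil?
      raise ArgumentError, "not an exact origin: #{origin.inspect}" unless exact

      origin.downcase
    end.uniq
  end
end

# Only runs inside the Rails app with rack-cors loaded.
if defined?(Rails) && defined?(Rack::Cors)
  # CORS_ALLOWED_ORIGINS is a hypothetical name; if it is unset, boot fails.
  allowed = CorsAllowlist.parse(ENV["CORS_ALLOWED_ORIGINS"])

  Rails.application.config.middleware.insert_before 0, Rack::Cors do
    allow do
      origins(*allowed)
      # Only the routes this page uses; extend for others the frontend calls.
      resource "/users/tokens/*",
               headers: %w[Authorization Content-Type],
               methods: [:post, :options]
      resource "/images",
               headers: %w[Authorization Content-Type],
               methods: [:get, :post, :options]
    end
  end
end
```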
Create a controller class as follows:
class ImagesController < ApplicationController
  # Only create requires a valid bearer token; index stays public.
  before_action :authenticate_devise_api_token!, only: [:create]

  def index; end

  def create
    devise_api_token = current_devise_api_token
    if devise_api_token
      render json: { message: "You are logged in as #{devise_api_token.resource_owner.email}" }, status: :ok
    else
      # Fallback: the before_action normally rejects the request before this point.
      render json: { message: 'You are not logged in' }, status: :unauthorized
    end
  end
end
Modify the User Model
class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :validatable, :api # add this
end
Testing
Hit the following routes using Postman:
Signup:
POST http://localhost:3000/users/tokens/sign_up
Content-Type: application/json

{
  "email": "mary.sawyer@gmail.com",
  "password": "password123&"
}

Login:
POST http://localhost:3000/users/tokens/sign_in
Content-Type: application/json

{
  "email": "mary.sawyer@gmail.com",
  "password": "password123&"
}

Protected Route:
POST http://localhost:3000/images
Content-Type: application/json
Authorization: Bearer QL4sqV4Q7-yZcAKvmaxVCYqsBaHwpw81Jks2sk5mKjPiijxG5jJsuki7JBtU

{
  "image": "image"
}
For further information on the available authentication routes, see the Devise API documentation.