Allow PUT API to update user.

2 files changed, 9 insertions, 4 deletions

diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 6cb438b..ad51354 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,8 +1,5 @@
 class UsersController < ApplicationController
 
-  skip_before_filter :verify_authenticity_token, :only => [:create]
-
-
   before_filter :authorize, :only => [:show, :edit, :update, :destroy]
   before_filter :fetch_user, :only => [:show, :edit, :update, :destroy]
   before_filter :set_anchor, :only => [:edit, :update]
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index eda2fad..e8e8f00 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -1,13 +1,21 @@
 module V1
   class UsersController < ApplicationController
 
-    skip_before_filter :verify_authenticity_token, :only => [:create]
+    skip_before_filter :verify_authenticity_token
+    before_filter :authorize, :only => [:update]
 
     respond_to :json
 
     def create
       @user = User.create(params[:user])
+      respond_with @user # return ID instead?
+    end
+
+    def update
+      @user = User.find_by_param(params[:id])
+      @user.update_attributes(params[:user])
       respond_with @user
     end
+
   end
 end