Sha256: 3036829dfdadeadf9d2569027903e5d6ce98a2a7abdbde94db2611164f9b7b38
Contents?: true
Size: 1.41 KB
Versions: 1
Compression:
Stored size: 1.41 KB
Contents
module Authlogic
module Session
# = Params
#
# Tries to log the user in via params. Think about cookies and sessions. They are just hashes in your controller, so are params. People never
# look at params as an authentication option, but it can be useful for logging into private feeds, etc. Logging in a user is as simple as:
#
# https://www.domain.com?user_credentials=[insert single access token here]
#
# Wait, what is a single access token? It is all explained in the README. Checkout the "Tokens" section in the README, there is section about
# single access tokens. For security reasons, this type of authentication is ONLY available via single access tokens, you can NOT pass your persistence token.
module Params
# Tries to validate the session from information in the params token
def valid_params?
if params_credentials && single_access_token_field && (single_access_allowed_request_types.include?(controller.request_content_type) || single_access_allowed_request_types.include?(:all))
self.unauthorized_record = search_for_record("find_by_#{single_access_token_field}", params_credentials)
self.persisting = false
return true if valid?
self.persisting = true
else
false
end
end
private
def params_credentials
controller.params[params_key]
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| authlogic-1.3.9 | lib/authlogic/session/params.rb |