Sha256: 51d12946e54203208f9617224b3962e3c519d29d45b57bb8dc79b58716763ede
Contents?: true
Size: 1.5 KB
Versions: 6
Compression:
Stored size: 1.5 KB
Contents
require 'devise/strategies/base'
module Devise
module Strategies
# Strategy for signing in a user, based on a authenticatable token. This works for both params
# and http. For the former, all you need to do is to pass the params in the URL:
#
# http://myapp.example.com/?user_token=SECRET
#
# For HTTP, you can pass the token as username and blank password. Since some clients may require
# a password, you can pass "X" as password and it will simply be ignored.
class TokenAuthenticatable < Authenticatable
def store?
!mapping.to.stateless_token
end
def authenticate!
resource = mapping.to.find_for_token_authentication(authentication_hash)
if validate(resource)
resource.after_token_authentication
success!(resource)
else
fail(:invalid_token)
end
end
private
# TokenAuthenticatable request is valid for any controller and any verb.
def valid_request?
true
end
# Do not use remember_me behavior with token.
def remember_me?
false
end
# Try both scoped and non scoped keys.
def params_auth_hash
params[scope] || params
end
# Overwrite authentication keys to use token_authentication_key.
def authentication_keys
@authentication_keys ||= [mapping.to.token_authentication_key]
end
end
end
end
Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)
Version data entries
6 entries across 6 versions & 5 rubygems