Sha256: 5a620ba01a3ec438f6eab5a0d32bbca40eec8184a20392e9c92adda0e2817006

Contents?: true

Size: 809 Bytes

Versions: 126

Compression:

Stored size: 809 Bytes

Contents

# frozen_string_literal: true

#
# From https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
#
require "devise"

module Renalware
  module API
    class TokenAuthenticatedApiController < ApplicationController
      before_action :authenticate_user_from_token!
      before_action :authenticate_user! # fallback

      private

      def authenticate_user_from_token!
        username = params[:username].presence
        user = username && User.find_by(username: username)

        # Notice how we use Devise.secure_compare to compare the token
        # in the database with the token given in the params, mitigating
        # timing attacks.
        if user && ::Devise.secure_compare(user.authentication_token, params[:token])
          sign_in user, store: false
        end
      end
    end
  end
end

Version data entries

126 entries across 126 versions & 1 rubygems

Version Path
renalware-core-2.0.159 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.158 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.157 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.156 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.155 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.153 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.152 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.151 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.149 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.148 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.147 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.146 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.145 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.144 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.143 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.142 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.141 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.140 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.139 app/controllers/renalware/api/token_authenticated_api_controller.rb
renalware-core-2.0.138 app/controllers/renalware/api/token_authenticated_api_controller.rb