Sha256: ac9e38773c3cc82f2745a8809062419c042c6af8a76a7c408ea3364701f55cb3
Contents?: true
Size: 806 Bytes
Versions: 5
Compression:
Stored size: 806 Bytes
Contents
require_dependency "renalware" require "devise" # # From https://gist.github.com/josevalim/fb706b1e933ef01e4fb6 # module Renalware module API class TokenAuthenticatedApiController < ApplicationController before_action :authenticate_user_from_token! before_action :authenticate_user! # fallback private def authenticate_user_from_token! username = params[:username].presence user = username && User.find_by(username: username) # Notice how we use Devise.secure_compare to compare the token # in the database with the token given in the params, mitigating # timing attacks. if user && Devise.secure_compare(user.authentication_token, params[:token]) sign_in user, store: false end end end end end
Version data entries
5 entries across 5 versions & 1 rubygems