Class: Devise::Strategies::TokenAuthenticatable

Inherits:
Authenticatable
  • Object
show all
Defined in:
lib/devise/strategies/token_authenticatable.rb

Overview

Strategy for signing in a user, based on a authenticatable token. This works for both params and http. For the former, all you need to do is to pass the params in the URL:

http://myapp.example.com/?user_token=SECRET

For headers, you can use basic authentication passing the token as username and blank password. Since some clients may require a password, you can pass “X” as password and it will simply be ignored.

You may also pass the token using the Token authentication mechanism provided by Rails: api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html The token options are stored in request.env

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Instance Attribute Details

- (Object) authentication_hash Originally defined in class Authenticatable

Returns the value of attribute authentication_hash

- (Object) authentication_type Originally defined in class Authenticatable

Returns the value of attribute authentication_type

- (Object) password Originally defined in class Authenticatable

Returns the value of attribute password

Instance Method Details

- (Object) authenticate! 



26
27
28
29
30
31
32
33
34
 
# File 'lib/devise/strategies/token_authenticatable.rb', line 26

def authenticate!
  resource = mapping.to.find_for_token_authentication(authentication_hash)
  return fail(:invalid_token) unless resource

  if validate(resource)
    resource.after_token_authentication
    success!(resource)
  end
end

- (Boolean) store?

Returns:

  • (Boolean) 


18
19
20
 
# File 'lib/devise/strategies/token_authenticatable.rb', line 18

def store?
  super && !mapping.to.skip_session_storage.include?(:token_auth)
end

- (Boolean) valid?

Returns:

  • (Boolean) 


22
23
24
 
# File 'lib/devise/strategies/token_authenticatable.rb', line 22

def valid?
  super || valid_for_token_auth?
end