Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rewrite simple_token_authentication to a Devise strategy #69

20 changes: 15 additions & 5 deletions lib/simple_token_authentication.rb
Original file line number Diff line number Diff line change
@@ -1,7 +1,17 @@
require 'simple_token_authentication/acts_as_token_authenticatable'
require 'simple_token_authentication/acts_as_token_authentication_handler'
require 'simple_token_authentication/configuration'
require 'devise'

module SimpleTokenAuthentication
extend Configuration
module Devise
mattr_accessor :token_header_names
@@token_header_names = {}

mattr_accessor :sign_in_token
@@sign_in_token = false
end

Devise.add_module(
:simple_token_authenticatable,
route: :session,
strategy: true,
controller: :session,
model: 'simple_token_authentication/model'
)
33 changes: 0 additions & 33 deletions lib/simple_token_authentication/acts_as_token_authenticatable.rb

This file was deleted.

This file was deleted.

15 changes: 0 additions & 15 deletions lib/simple_token_authentication/configuration.rb

This file was deleted.

33 changes: 33 additions & 0 deletions lib/simple_token_authentication/model.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
require 'simple_token_authentication/strategy'

module Devise
module Models
module SimpleTokenAuthenticatable
extend ActiveSupport::Concern

# Please see https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
# before editing this file, the discussion is very interesting.

included do
private :generate_authentication_token
before_save :ensure_authentication_token
end

def ensure_authentication_token
if authentication_token.blank?
self.authentication_token = generate_authentication_token
end
end

def generate_authentication_token
loop do
token = Devise.friendly_token
break token unless self.class.exists?(authentication_token: token)
end
end

module ClassMethods
end
end
end
end
64 changes: 64 additions & 0 deletions lib/simple_token_authentication/strategy.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
require 'devise/strategies/authenticatable'

module Devise
module Strategies
class SimpleTokenAuthenticatable < Authenticatable

def valid?
auth_key.present?
end

def authenticate!
resource = mapping.to.find_for_authentication(login_with => auth_key)

if resource && validate(resource) { Devise.secure_compare(resource.authentication_token, token) }
success!(resource)
else
return fail(:invalid)
end

end

def store
::Devise.sign_in_token
end

private

def snake_resource_name
mapping.to.name.underscore
end

def login_with
'email'
end

# Pass in auth key as resource_name_key e.g. user_email or
def auth_key
params["#{snake_resource_name}_#{login_with}"] || lookup_header
end

def token
params["#{snake_resource_name}_token"] || token_header
end

def configured_headings
::Devise.token_header_names[snake_resource_name.to_sym] || {}
end

def token_header
configured_key = configured_headings[:authentication_token]
token_key = configured_key.presence ? configured_key : "X-#{mapping.to.name}-Token"
request.headers[token_key]
end

def lookup_header
configured_key = configured_headings[login_with.to_sym]
lookup_key = configured_key.presence ? configured_key : "X-#{mapping.to.name}-#{login_with.camelize}"
request.headers[lookup_key]
end
end
end
end

Warden::Strategies.add(:simple_token_authenticatable, Devise::Strategies::SimpleTokenAuthenticatable)