Zyph Martin Design Studios Categories

Daily

Design

Identity

Print

Web Design

Web Development


Zyph Martin Design Studios Search


Zyph Martin Design Studios Recent Entries

THINGS I'M THANKFUL FOR

Posted on November 22 2012


BEST THING I'VE SEEN IN A LONG TIME.

Posted on April 11 2012


TELLING IT LIKE IT IS.

Posted on January 26 2012


COMING SOON TO A BROWSER NEAR YOU!

Posted on December 01 2011


SAY GOODBYE TO FLASH...

Posted on June 09 2011


VIEW ARCHIVES -->


SIMPLE AUTH TOKEN EXAMPLE WITH DEVISE



Auth_token_zm

Just trying to play catch up on a number of things. I haven't posted anything in quite a while so I thought I would post something I have been seeing asked a lot on the devise mailing list, how to use :token_authenicatable. I thought I would put up a simple example of how some of the features work. Keep in mind that :token_authenticatable strategy in devise is a set of helper methods to generate and remove tokens, and it also has some callbacks you can use. That's it, from there you need to handle how you want to deal with the tokens. If you have not read the :token_authenticatable model in the source code I recommend that you do it is documented very well devise :token_authenticatable.rb. I added all this to the previous application that I posted on github

 

So assuming that you have a basic user application setup this is all I did. I created a token_authentications_controller.rb so I could allow users to generate and delete the token.

# token_authentications_controller.rb

class TokenAuthenticationsController < ApplicationController 

  def create
    @user = User.criteria.id(params[:user_id]).first
    @user.reset_authentication_token!
    redirect_to edit_user_registration_path(@user)
  end

  def destroy
    @user = User.criteria.id(params[:id]).first
    @user.authentication_token = nil
    @user.save
    redirect_to edit_user_registration_path(@user)
  end

end

Add the proper routes to routes.rb

# routes.rb

resources :token_authentications, :only => [:create, :destroy]

also make sure that you have added the :token_authenticatable strategy in you model and set the config.token_authentication_key in your devise initializer

# user.rb

devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :token_authenticatable

# devise.rb

config.token_authentication_key = :auth_token

So now that we have all that I just added some simple links in the registrations/edit.html.erb view so the user could generate and delete the tokens themselves.

# registrations/edit.html.erb

<p><%= f.label :token_authentication_key %><br />
<%= resource.authentication_token.blank? ? "Token Empty" : resource.authentication_token %></p>

<p><%= link_to "Generate Token", token_authentications_path(:user_id => resource.id), :method => :post, :confirm => "Are you sure?"  %>
<%= link_to "Delete Token", token_authentication_path(resource), :method => :delete, :confirm => "Are you sure?"  %></p>

<% if resource.authentication_token %>
  <p>You can use this url to login<br />
  <%= link_to "http://localhost:3000#{root_path(:auth_token => resource.authentication_token)}", root_path(:auth_token => resource.authentication_token)  %></p>
<% end %>

Now a user can login with token authentication. Feel free to clone the repo and play around with it. Again this is a very basic look at a couple of the methods devise offers. If you have any questions or thoughts to add please feel free to leave a comment.

 

On another note. I also extended to registrations controller so when a user signs up they are automatically given the role of user instead of nil.



Back To Blog - Posted on December 20 2010 by Brandon Martin



blog comments powered by Disqus