Skip to content
This repository was archived by the owner on Nov 9, 2017. It is now read-only.

Token-Based Authentication#9

Open
kendagriff wants to merge 13 commits into
GBH:masterfrom
kendagriff:master
Open

Token-Based Authentication#9
kendagriff wants to merge 13 commits into
GBH:masterfrom
kendagriff:master

Conversation

@kendagriff

Copy link
Copy Markdown
Contributor

I love that letmein it stays out of the way of controllers and views. I'm adding API interactions to a new project, and it seemed like letmein was a great project for token-based authentication. Essentially, passing a pre-generated token alone to the UserSession object will grant access.

The way I've implemented it is by introducing two accessors:

LetMeIn.configure do |c|
  c.models = ['User', 'Admin']
  c.attributes = ['email', 'username']
  c.passwords = ['password_hash', 'pass_hash']
  c.salts = ['password_salt', 'pass_salt']
  c.tokens = ['auth_token', 'token_auth']
  c.generate_tokens = [false, true]
end

generate_tokens turns the feature on or off. It's false by default. If it's turned off, no token is generated. If a token is provided to UserSession, it will take precedence.

Let me know your thoughts, whether you'd prefer other changes or it simply misses the boat. If you'd like to include it, I'd be happy to write documentation.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant