class Challah::TokenTechnique

Allows authentication with a token URL parameter or X-Auth-Token header. Useful for API-based authentication.

Attributes

token[R]
user_model[RW]

Public Class Methods

new(session) click to toggle source
# File lib/challah/techniques/token_technique.rb, line 8
def initialize(session)
  if session.request && session.request.headers[header_key]
    @token = session.request.headers[header_key].to_s
  else
    @token = session.params[:token].to_s
  end
end

Public Instance Methods

authenticate() click to toggle source
# File lib/challah/techniques/token_technique.rb, line 16
def authenticate
  # Token authorization functionality is only enabled with the :token_enabled option.
  # This is turned off by default and must be manually enabled for security reasons.
  return nil unless Challah.options[:token_enabled]

  return nil unless token.present?

  if user = user_model.where(api_key: token).first
    if user.valid_session?
      return user
    end
  end

  nil
end
header_key() click to toggle source
# File lib/challah/techniques/token_technique.rb, line 32
def header_key
  Challah.options[:token_header] || "X-Auth-Token"
end
persist?() click to toggle source
# File lib/challah/techniques/token_technique.rb, line 36
def persist?
  false
end