class Challah::TokenTechnique
Allows authentication with a token URL parameter or X-Auth-Token header. Useful for API-based authentication.
Attributes
token[R]
user_model[RW]
Public Class Methods
new(session)
click to toggle source
# File lib/challah/techniques/token_technique.rb, line 8 def initialize(session) if session.request && session.request.headers[header_key] @token = session.request.headers[header_key].to_s else @token = session.params[:token].to_s end end
Public Instance Methods
authenticate()
click to toggle source
# File lib/challah/techniques/token_technique.rb, line 16 def authenticate # Token authorization functionality is only enabled with the :token_enabled option. # This is turned off by default and must be manually enabled for security reasons. return nil unless Challah.options[:token_enabled] return nil unless token.present? if user = user_model.where(api_key: token).first if user.valid_session? return user end end nil end
header_key()
click to toggle source
# File lib/challah/techniques/token_technique.rb, line 32 def header_key Challah.options[:token_header] || "X-Auth-Token" end
persist?()
click to toggle source
# File lib/challah/techniques/token_technique.rb, line 36 def persist? false end