class Devise::Strategies::TokenAuthenticatable

Attributes

current_sign_in_at[RW]
current_sign_in_ip[RW]
user_id[RW]

Public Instance Methods

authenticate!() click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 9
def authenticate!
  env['devise.skip_trackable'] = true

  resource = user_id.present? && mapping.to.find_for_database_authentication(authentication_hash)

  return fail(:timeout) if resource.respond_to?(:timedout?) && !env['devise.skip_timeout'] && resource.timedout?(current_sign_in_at)

  if validate(resource) { !resource.token_ip_verifier || request.remote_ip == current_sign_in_ip }
    success!(resource)
  end

  fail(:timeout) unless resource
end
store?() click to toggle source
Calls superclass method
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 27
def store?
  super && !mapping.to.skip_session_storage.include?(authentication_type)
end
valid?() click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 23
def valid?
  valid_for_http_auth?
end

Private Instance Methods

decode_credentials() click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 50
def decode_credentials
  return {} unless request.authorization && request.authorization =~ /^Bearer (.*)/mi

  payload = JWT.decode(Base64.decode64($1), Devise.secret_key, true, { algorithm: 'HS256' }).first
  payload['current_sign_in_at'] = Time.parse(payload['current_sign_in_at']) if payload['current_sign_in_at'].present?
  payload
rescue JWT::DecodeError
  {}
end
http_auth_hash() click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 46
def http_auth_hash
  decode_credentials
end
valid_for_http_auth?() click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 33
def valid_for_http_auth?
  request.authorization && with_authentication_hash(:http_auth, http_auth_hash)
end
with_authentication_hash(auth_type, auth_values) click to toggle source
# File lib/devise_token_authenticatable/strategies/token_authenticatable.rb, line 37
def with_authentication_hash(auth_type, auth_values)
  self.authentication_hash, self.authentication_type = {}, auth_type
  self.user_id = auth_values['id']
  self.current_sign_in_at = auth_values['current_sign_in_at']
  self.current_sign_in_ip = auth_values['current_sign_in_ip']

  parse_authentication_key_values(auth_values, ['id'])
end