devise-token_authenticatable 0.5.3 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -1
- data/lib/devise/token_authenticatable/strategy.rb +1 -1
- data/lib/devise/token_authenticatable/version.rb +1 -1
- data/spec/requests/devise/token_authenticatable/strategy_spec.rb +4 -4
- data/spec/support/rails_app/config/initializers/devise.rb +6 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ed65a2853c7ca8e63800dc11754c1036c3c4fd82
|
|
4
|
+
data.tar.gz: 02c85daddbfed9ee0e105513d2d97c6b6a295dac
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0a3bc9cfe84c6c6040637c5cae86a1eeeea2cc7ab7a265137bfaf3bec95c73689065418ff604ed3d12f88c08c0394c7d3d0b282b7983f547c9503b776688e9e3
|
|
7
|
+
data.tar.gz: e1fc1fa35969f7526ee7152146143adb780207f7d7e0d0fdcccfc8e14fae907b181b11eba363354d6b5e6075b7fc6e8a4f3cd6a59ec7eecc39d6e8298bfd2695
|
data/README.md
CHANGED
|
@@ -29,7 +29,7 @@ Or install it yourself as:
|
|
|
29
29
|
`~> 0.3` | `~> 3.4.0`
|
|
30
30
|
`~> 0.4.0`, `< 0.4.9` | `~> 3.5.0`, `< 3.5.2`
|
|
31
31
|
`~> 0.4.9` | `~> 3.5.2`
|
|
32
|
-
`~> 0.5.x`
|
|
32
|
+
`~> 0.5.x`, `<= 1.0.0` | `>= 4.0.0`, `< 4.4.0`
|
|
33
33
|
|
|
34
34
|
## Usage
|
|
35
35
|
|
|
@@ -66,6 +66,19 @@ Devise::TokenAuthenticatable.setup do |config|
|
|
|
66
66
|
end
|
|
67
67
|
```
|
|
68
68
|
|
|
69
|
+
Enable devise's HTTP Auth for the token strategy as shown below:
|
|
70
|
+
|
|
71
|
+
```ruby
|
|
72
|
+
# initializers/devise.rb
|
|
73
|
+
Devise.setup do |config|
|
|
74
|
+
# ...
|
|
75
|
+
config.http_authenticatable = true
|
|
76
|
+
# or
|
|
77
|
+
config.http_authenticatable = [:token]
|
|
78
|
+
# ...
|
|
79
|
+
end
|
|
80
|
+
```
|
|
81
|
+
|
|
69
82
|
## Troubleshooting
|
|
70
83
|
|
|
71
84
|
##### Using a new user's auth token does not result in invalidating an old users session. How can I ignore session storage when using token authentication?
|
|
@@ -57,7 +57,7 @@ module Devise
|
|
|
57
57
|
|
|
58
58
|
# Check if the model accepts this strategy as token authenticatable.
|
|
59
59
|
def token_authenticatable?
|
|
60
|
-
mapping.to.http_authenticatable?(:
|
|
60
|
+
mapping.to.http_authenticatable?(:token)
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
# Check if this is strategy is valid for token authentication by:
|
|
@@ -224,7 +224,7 @@ describe Devise::Strategies::TokenAuthenticatable do
|
|
|
224
224
|
|
|
225
225
|
it "should redirect to root path" do
|
|
226
226
|
swap Devise::TokenAuthenticatable, token_authentication_key: :secret_token do
|
|
227
|
-
swap Devise, http_authenticatable: [:
|
|
227
|
+
swap Devise, http_authenticatable: [:token] do
|
|
228
228
|
sign_in_as_new_user_with_token(token_auth: true, token_options: { signature: signature, nonce: 'def' })
|
|
229
229
|
|
|
230
230
|
expect(response).to be_success
|
|
@@ -234,7 +234,7 @@ describe Devise::Strategies::TokenAuthenticatable do
|
|
|
234
234
|
|
|
235
235
|
it "should set the signature option" do
|
|
236
236
|
swap Devise::TokenAuthenticatable, token_authentication_key: :secret_token do
|
|
237
|
-
swap Devise, http_authenticatable: [:
|
|
237
|
+
swap Devise, http_authenticatable: [:token] do
|
|
238
238
|
sign_in_as_new_user_with_token(token_auth: true, token_options: { signature: signature, nonce: 'def' })
|
|
239
239
|
|
|
240
240
|
expect(request.env['devise.token_options'][:signature]).to eq(signature)
|
|
@@ -244,7 +244,7 @@ describe Devise::Strategies::TokenAuthenticatable do
|
|
|
244
244
|
|
|
245
245
|
it "should set the nonce option" do
|
|
246
246
|
swap Devise::TokenAuthenticatable, token_authentication_key: :secret_token do
|
|
247
|
-
swap Devise, http_authenticatable: [:
|
|
247
|
+
swap Devise, http_authenticatable: [:token] do
|
|
248
248
|
sign_in_as_new_user_with_token(token_auth: true, token_options: { signature: signature, nonce: 'def' })
|
|
249
249
|
|
|
250
250
|
expect(request.env['devise.token_options'][:nonce]).to eq('def')
|
|
@@ -254,7 +254,7 @@ describe Devise::Strategies::TokenAuthenticatable do
|
|
|
254
254
|
|
|
255
255
|
it "should authenticate user" do
|
|
256
256
|
swap Devise::TokenAuthenticatable, token_authentication_key: :secret_token do
|
|
257
|
-
swap Devise, http_authenticatable: [:
|
|
257
|
+
swap Devise, http_authenticatable: [:token] do
|
|
258
258
|
sign_in_as_new_user_with_token(token_auth: true, token_options: { signature: signature, nonce: 'def' })
|
|
259
259
|
|
|
260
260
|
expect(warden).to be_authenticated(:user)
|
|
@@ -48,7 +48,12 @@ Devise.setup do |config|
|
|
|
48
48
|
# Tell if authentication through request.params is enabled. True by default.
|
|
49
49
|
# config.params_authenticatable = true
|
|
50
50
|
|
|
51
|
-
# Tell if authentication through HTTP
|
|
51
|
+
# Tell if authentication through HTTP Auth is enabled. False by default.
|
|
52
|
+
# It can be set to an array that will enable http authentication only for the
|
|
53
|
+
# given strategies, for example, `config.http_authenticatable = [:database]` will
|
|
54
|
+
# enable it only for database authentication. The supported strategies are:
|
|
55
|
+
# :database = Support basic authentication with authentication key + password
|
|
56
|
+
# :token = Support token authentication
|
|
52
57
|
config.http_authenticatable = true
|
|
53
58
|
|
|
54
59
|
# If http headers should be returned for AJAX requests. True by default.
|