devise_token_auth 0.1.21.alpha2 → 0.1.23.alpha1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2a480547b2d43a6475cd6e9a0182ceb204f2fd8d
-  data.tar.gz: 8b690b9d3390f156bfa02427bc6d2af282187b53
+  metadata.gz: bdad6abe21b7c1848bd5f8d29c186a8207c732af
+  data.tar.gz: 9aad078a90eb06a3f4f19da8215669b65bb12b52
 SHA512:
-  metadata.gz: 932fc776673a4114055e7403f8d17e44575630743d6ac69dd7ae86d2089effcafcfd86b8b19007953bb084c4d09c34d23ddf522673c93edd9b669bf80aa3181b
-  data.tar.gz: 80448a5ea78f8e2c9a211b51de8fad7cbeb5b135092cecfe5b89230f75487f1a63cf8f9edf233bea918be0614091f21ba81ec34f509a133c912c39f1c74dd093
+  metadata.gz: 43b0f67d17b1994aa29e61fc1002737bb49eac4dce6618b99e581fb47dd30aa2bf48d2c6b41887e587af8c6561fc57b93206551015efbef9a81a264e5038d9f8
+  data.tar.gz: b976ddd32096eb073a6f4a36a58dc6d86562b85d32eb985487149236a9e747c7cbf3ccc1bbf428bb8099106527142fdc9f48a525e09a263838d13e5e129d6769

data/README.md

@@ -1,8 +1,9 @@
 # Devise Token Auth
 
+[![Gem Version](https://badge.fury.io/rb/devise_token_auth.svg)](http://badge.fury.io/rb/devise_token_auth)
 [![Build Status](https://travis-ci.org/lynndylanhurley/devise_token_auth.svg?branch=master)](https://travis-ci.org/lynndylanhurley/devise_token_auth)
-[![Code Climate](https://codeclimate.com/github/lynndylanhurley/devise_token_auth.png)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth)
-[![Test Coverage](https://codeclimate.com/github/lynndylanhurley/devise_token_auth/coverage.png)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth)
+[![Code Climate](http://img.shields.io/codeclimate/github/lynndylanhurley/devise_token_auth.svg)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth)
+[![Test Coverage](http://img.shields.io/codeclimate/coverage/github/lynndylanhurley/devise_token_auth.svg)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth)
 [![Dependency Status](https://gemnasium.com/lynndylanhurley/devise_token_auth.svg)](https://gemnasium.com/lynndylanhurley/devise_token_auth)
 
 This gem provides simple, secure token based authentication.
@@ -19,7 +20,7 @@ The fully configured api used in the demo can be found [here](https://github.com
 This project leverages the following gems:
 
 * [Devise](https://github.com/plataformatec/devise)
-* [Omniauth](https://github.com/intridea/omniauth)
+* [OmniAuth](https://github.com/intridea/omniauth)
 
 # Installation
 Add the following to your `Gemfile`:
@@ -34,9 +35,9 @@ Then install the gem using bundle:
 bundle install
 ~~~
 
-# Configuration TLDR;
+# Configuration TL;DR
 
-You will need to create a [user model](#model-concerns), [define routes](#mounting-routes), [include concerns](#controller-concerns), and you may want to alter some of the [default settings](#initializer-settings) for this gem. Run the following to append the routes and generate the model, migration, and initializer files:
+You will need to create a [user model](#model-concerns), [define routes](#mounting-routes), [include concerns](#controller-concerns), and you may want to alter some of the [default settings](#initializer-settings) for this gem. Run the following command for an easy one-step installation:
 
 ~~~bash
 rails g devise_token_auth:install [USER_CLASS] [MOUNT_PATH]
@@ -65,15 +66,16 @@ The following events will take place when using the install generator:
   rake db:migrate
   ~~~
 
-You will also need to configure the following features that are external to this gem:
+You may also need to configure the following items:
 
-* [Omniauth providers](#omniauth-authentication) for 3rd party oauth2 authentication.
-* [Cross Origin Request Settings](#cors) when using cross-domain clients.
-* [Email](#email-authentication) for email registration.
+* **OmniAuth providers** when using 3rd party oauth2 authentication. [Read more](#omniauth-authentication).
+* **Cross Origin Request Settings** when using cross-domain clients. [Read more](#cors).
+* **Email** when using email registration. [Read more](#email-authentication).
+* **Multiple model support** may require additional steps. [Read more](#using-multiple-models).
 
 [Jump here](#configuration-cont) for more configuration information.
 
-# Usage TLDR;
+# Usage TL;DR
 
 The following routes are available for use by your client. These routes live relative to the path at which this engine is mounted (`/auth` by default). These routes correspond to the defaults used by the [ng-token-auth](https://github.com/lynndylanhurley/ng-token-auth) module for angular.js.
 
@@ -105,22 +107,22 @@ The following settings are available for configuration in `config/initializers/d
 | **`omniauth_prefix`** | `"/omniauth"` | This route will be the prefix for all oauth2 redirect callbacks. For example, using the default '/omniauth' setting, the github oauth2 provider will redirect successful authentications to '/omniauth/github/callback'. [Read more](#omniauth-provider-settings). |
 
 
-## Omniauth authentication
+## OmniAuth authentication
 
 If you wish to use omniauth authentication, add all of your desired authentication provider gems to your `Gemfile`.
 
-**Omniauth example using github, facebook, and google**:
+**OmniAuth example using github, facebook, and google**:
 ~~~ruby
-gem 'omniauth-github',        :git => 'git://github.com/intridea/omniauth-github.git'
-gem 'omniauth-facebook',      :git => 'git://github.com/mkdynamic/omniauth-facebook.git'
-gem 'omniauth-google-oauth2', :git => 'git://github.com/zquestz/omniauth-google-oauth2.git'
+gem 'omniauth-github'
+gem 'omniauth-facebook'
+gem 'omniauth-google-oauth2'
 ~~~
 
 Then run `bundle install`.
 
 [List of oauth2 providers](https://github.com/intridea/omniauth/wiki/List-of-Strategies)
 
-## Omniauth provider settings
+## OmniAuth provider settings
 
 In `config/initializers/omniauth.rb`, add the settings for each of your providers.
 
@@ -138,9 +140,9 @@ end
 
 The above example assumes that your provider keys and secrets are stored in environmental variables. Use the [figaro](https://github.com/laserlemon/figaro) gem (or [dotenv](https://github.com/bkeepers/dotenv) or [secrets.yml](https://github.com/rails/rails/blob/v4.1.0/railties/lib/rails/generators/rails/app/templates/config/secrets.yml) or equivalent) to accomplish this.
 
-#### Omniauth callback settings
+#### OmniAuth callback settings
 
-The "Callback URL" setting that you set with your provider must correspond to the [omniauth prefix](#initializer-settings) setting defined by this app. **This will be different than the omniauth route that is used by your client application**. 
+The "Callback URL" setting that you set with your provider must correspond to the [omniauth prefix](#initializer-settings) setting defined by this app. **This will be different than the omniauth route that is used by your client application**.
 
 For example, the demo app uses the default `omniauth_prefix` setting `/omniauth`, so the "Authorization callback URL" for github must be set to "http://devise-token-auth-demo.herokuapp.com**/omniauth**/github/callback".
 
@@ -171,7 +173,7 @@ angular.module('myApp', ['ng-token-auth'])
   });
 ~~~
 
-This incongruence is necessary to support multiple user classes and mounting points. 
+This incongruence is necessary to support multiple user classes and mounting points.
 
 #### Note for [pow](http://pow.cx/) and [xip.io](http://xip.io) users
 
@@ -204,9 +206,9 @@ end
 
 ## CORS
 
-If your API and client live on different domains, you will need to configure your Rails API to allow cross origin requests. The [rack-cors](https://github.com/cyu/rack-cors) gem can be used to accomplish this.
+If your API and client live on different domains, you will need to configure your Rails API to allow [cross origin requests](http://en.wikipedia.org/wiki/Cross-origin_resource_sharing). The [rack-cors](https://github.com/cyu/rack-cors) gem can be used to accomplish this.
 
-The following example will allow cross domain requests from any domain.
+The following **dangerous** example will allow cross domain requests from **any** domain. Make sure to whitelist only the needed domains.
 
 ##### Example rack-cors configuration:
 ~~~ruby
@@ -241,10 +243,10 @@ The authentication routes must be mounted to your project. This gem includes a r
 
 **`mount_devise_token_auth_for`** - similar to `devise_for`, this method is used to append the routes necessary for user authentication. This method accepts the following arguments:
 
-| Argument | Type | Description |
-|---|---|---|
-|`class_name`| string | The name of the class to use for authentication. This class must include the [model concern described here](#model-concerns). |
-| `options` | object | The [routes to be used for authentication](#usage) will be prefixed by the path specified in the `at` param of this object. |
+| Argument | Type | Default | Description |
+|---|---|---|---|
+|`class_name`| string | 'User' | The name of the class to use for authentication. This class must include the [model concern described here](#model-concerns). |
+| `options` | object | {at: '/auth'} | The [routes to be used for authentication](#usage) will be prefixed by the path specified in the `at` param of this object. |
 
 **Example**:
 ~~~ruby
@@ -252,6 +254,8 @@ The authentication routes must be mounted to your project. This gem includes a r
 mount_devise_token_auth_for 'User', at: '/auth'
 ~~~
 
+Any model class can be used, but the class will need to include [`DeviseTokenAuth::Concerns::SetUserByToken`](#model-concerns) for authentication to work properly.
+
 You can mount this engine to any route that you like. `/auth` is used by default to conform with the defaults of the [ng-token-auth](https://github.com/lynndylanhurley/ng-token-auth) module.
 
 
@@ -259,7 +263,7 @@ You can mount this engine to any route that you like. `/auth` is used by default
 
 ##### DeviseTokenAuth::Concerns::SetUserByToken
 
-This gem includes a [Rails concern](http://api.rubyonrails.org/classes/ActiveSupport/Concern.html) called `DeviseTokenAuth::Concerns::SetUserByToken`. This concern can be used can be used in controllers to identify users by their `Authorization` header.
+This gem includes a [Rails concern](http://api.rubyonrails.org/classes/ActiveSupport/Concern.html) called `DeviseTokenAuth::Concerns::SetUserByToken`. This concern can be used in controllers to identify users by their `Authorization` header.
 
 This concern runs a [before_action](http://guides.rubyonrails.org/action_controller_overview.html#filters), setting the `@user` variable for use in your controllers. The user will be signed in via devise for the duration of the request.
 
@@ -304,7 +308,7 @@ The `Authorization` header is made up of the following components:
 * **`token`**: This serves as the user's password for each request. A hashed version of this value is stored in the database for later comparison. This value should be changed on each request.
 * **`client`**: This enables the use of multiple simultaneous sessions on different clients. (For example, a user may want to be authenticated on both their phone and their laptop at the same time.)
 * **`expiry`**: The date at which the current session will expire. This can be used by clients to invalidate expired tokens without the need for an API request.
-* **`uid`**: A unique value that is used to identify the user. This is necessary because searching the DB for users by their access token will open the API up to timing attacks.
+* **`uid`**: A unique value that is used to identify the user. This is necessary because searching the DB for users by their access token will open the API up to [timing attacks](http://codahale.com/a-lesson-in-timing-attacks/).
 
 The `Authorization` header required for each request will be available in the response from the previous request. If you are using the [ng-token-auth](https://github.com/lynndylanhurley/ng-token-auth) module for angular.js, this functionality is already provided.
 
@@ -328,12 +332,12 @@ Models that include the `DeviseTokenAuth::Concerns::SetUserByToken` concern will
   ~~~
 
 * **`create_new_auth_token`**: creates a new auth token with all of the necessary metadata. Accepts `client` as an optional argument. Will generate a new `client` if none is provided. Returns the `Authorization` header that should be sent by the client as a string.
-  
+
   **Example**:
   ~~~ruby
   # extract client_id from auth header
   client_id = request.headers['Authorization'][/client=(.*?) /,1]
-  
+
   # update token, generate updated auth headers for response
   new_auth_header = @user.create_new_auth_token(client_id)
 
@@ -355,8 +359,8 @@ Models that include the `DeviseTokenAuth::Concerns::SetUserByToken` concern will
     expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
   }
 
-  # update token, generate updated auth headers for response
-  new_auth_header = @user.create_new_auth_token(token, client_id)
+  # generate auth headers for response
+  new_auth_header = @user.build_auth_header(token, client_id)
 
   # update response with the header that will be required by the next request
   response.headers["Authorization"] = new_auth_header
@@ -364,7 +368,7 @@ Models that include the `DeviseTokenAuth::Concerns::SetUserByToken` concern will
 
 ## Using multiple models
 
-This gem supports the use of multiple user models. One possible use case is to authorize visitors using a model called `User`, and to authorize administrators with a model called `Admin` from the same app. Take the following steps to add another authentication model to your app:
+This gem supports the use of multiple user models. One possible use case is to authenticate visitors using a model called `User`, and to authenticate administrators with a model called `Admin`. Take the following steps to add another authentication model to your app:
 
 1. Run the install generator for the new model.
   ~~~
@@ -377,26 +381,26 @@ This gem supports the use of multiple user models. One possible use case is to a
 
   **Example**:
   ~~~ruby
-Rails.application.routes.draw do
-  # when using multiple models, controllers will default to the first available
-  # devise mapping. routes for subsequent devise mappings will need to defined
-  # within a `devise_scope` block
+  Rails.application.routes.draw do
+    # when using multiple models, controllers will default to the first available
+    # devise mapping. routes for subsequent devise mappings will need to defined
+    # within a `devise_scope` block
 
-  # define :users as the first devise mapping:
-  mount_devise_token_auth_for 'User', at: '/auth'
+    # define :users as the first devise mapping:
+    mount_devise_token_auth_for 'User', at: '/auth'
 
-  # define :admins as the second devise mapping. routes using this class will
-  # need to be defined within a devise_scope as shown below
-  mount_devise_token_auth_for "Admin", at: '/admin_auth'
+    # define :admins as the second devise mapping. routes using this class will
+    # need to be defined within a devise_scope as shown below
+    mount_devise_token_auth_for "Admin", at: '/admin_auth'
 
-  # this route will authorize visitors using the User class
-  get 'demo/members_only', to: 'demo#members_only'
+    # this route will authorize requests using the User class
+    get 'demo/members_only', to: 'demo#members_only'
 
-  # routes within this block will authorize visitors using the Admin class
-  devise_scope :admin do
-    get 'demo/admins_only', to: 'demo#admins_only'
+    # routes within this block will authorize requests using the Admin class
+    devise_scope :admin do
+      get 'demo/admins_only', to: 'demo#admins_only'
+    end
   end
-end
   ~~~
 
 # Conceptual
@@ -459,7 +463,7 @@ This gem uses auth tokens that are:
 * [of cryptographic strength](http://ruby-doc.org/stdlib-2.1.0/libdoc/securerandom/rdoc/SecureRandom.html),
 * hashed using [BCrypt](https://github.com/codahale/bcrypt-ruby) (not stored in plain-text),
 * securely compared (to protect against timing attacks),
-* invalidated after 2 weeks
+* invalidated after 2 weeks (thus requiring users to login again)
 
 These measures were inspired by [this stackoverflow post](http://stackoverflow.com/questions/18605294/is-devises-token-authenticatable-secure).
 

data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb

@@ -10,6 +10,8 @@ module DeviseTokenAuth::Concerns::SetUserByToken
   def set_user_by_token
     auth_header = request.headers["Authorization"]
 
+    #binding.pry_remote
+
     # missing auth token
     return false unless auth_header
 
@@ -73,6 +75,6 @@ module DeviseTokenAuth::Concerns::SetUserByToken
   def is_batch_request?(user, client_id)
     user.tokens[client_id] and
     user.tokens[client_id]['updated_at'] and
-    user.tokens[client_id]['updated_at'] > Time.now - DeviseTokenAuth.batch_request_buffer_throttle
+    Time.parse(user.tokens[client_id]['updated_at']) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle
   end
 end

data/lib/devise_token_auth/version.rb

@@ -1,3 +1,3 @@
 module DeviseTokenAuth
-  VERSION = "0.1.21.alpha2"
+  VERSION = "0.1.23.alpha1"
 end

data/lib/generators/devise_token_auth/install_generator.rb

@@ -24,7 +24,7 @@ module DeviseTokenAuth
 
     def create_user_model
       fname = "app/models/#{ user_class.underscore }.rb"
-      unless File.exist?(fname)
+      unless File.exist?(File.join(destination_root, fname))
         template("user.rb", fname)
       else
         inclusion = "include DeviseTokenAuth::Concerns::User"
@@ -41,40 +41,49 @@ module DeviseTokenAuth
       fname = "app/controllers/application_controller.rb"
       line  = "include DeviseTokenAuth::Concerns::SetUserByToken"
 
-      if parse_file_for_line(fname, line)
-        say_status("skipped", "Concern is already included in the application controller.")
-      else
-        inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
+      if File.exist?(File.join(destination_root, fname))
+        if parse_file_for_line(fname, line)
+          say_status("skipped", "Concern is already included in the application controller.")
+        else
+          inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
   include DeviseTokenAuth::Concerns::SetUserByToken
-        RUBY
+          RUBY
+          end
         end
+      else
+        say_status("skipped", "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
       end
     end
 
     def add_route_mount
       f    = "config/routes.rb"
       str  = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
-      line = parse_file_for_line(f, "mount_devise_token_auth_for")
 
-      unless line
-        line = "Rails.application.routes.draw do"
-        existing_user_class = false
-      else
-        existing_user_class = true
-      end
+      if File.exist?(File.join(destination_root, f))
+        line = parse_file_for_line(f, "mount_devise_token_auth_for")
 
-      if parse_file_for_line(f, str)
-        say_status("skipped", "Routes already exist for #{user_class} at #{mount_path}")
-      else
-        insert_after_line(f, line, str)
-
-        if existing_user_class
-          scoped_routes = ""+
-            "as :#{user_class.underscore} do\n"+
-            "    # Define routes for #{user_class} within this block.\n"+
-            "  end\n"
-          insert_after_line(f, str, scoped_routes)
+        unless line
+          line = "Rails.application.routes.draw do"
+          existing_user_class = false
+        else
+          existing_user_class = true
         end
+
+        if parse_file_for_line(f, str)
+          say_status("skipped", "Routes already exist for #{user_class} at #{mount_path}")
+        else
+          insert_after_line(f, line, str)
+
+          if existing_user_class
+            scoped_routes = ""+
+              "as :#{user_class.underscore} do\n"+
+              "    # Define routes for #{user_class} within this block.\n"+
+              "  end\n"
+            insert_after_line(f, str, scoped_routes)
+          end
+        end
+      else
+        say_status("skipped", "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
       end
     end
 
@@ -92,7 +101,8 @@ module DeviseTokenAuth
 
     def parse_file_for_line(filename, str)
       match = false
-      File.open(filename) do |f|
+
+      File.open(File.join(destination_root, filename)) do |f|
         f.each_line do |line|
           if line =~ /(#{Regexp.escape(str)})/mi
             match = line

data/test/dummy/config/application.yml

@@ -1,9 +1,9 @@
 # Add application configuration variables here, as shown below.
-GITHUB_KEY:      4c78f513d7a412319c52
-GITHUB_SECRET:   6b82c1ea92425022d95d9dbcb75289b24417e626
+GITHUB_KEY:      "4c78f513d7a412319c52"
+GITHUB_SECRET:   "6b82c1ea92425022d95d9dbcb75289b24417e626"
 
-FACEBOOK_KEY:    519048964889141
-FACEBOOK_SECRET: 40b7a0506495382818983f10883f4d5b
+FACEBOOK_KEY:    "519048964889141"
+FACEBOOK_SECRET: "40b7a0506495382818983f10883f4d5b"
 
-GOOGLE_KEY:      276861244411-b1m3bteiuvraajilmcf8rvh83v5n4dp2.apps.googleusercontent.com
-GOOGLE_SECRET:   A9_CLZNIvPAY-T09fBiaKPEI
+GOOGLE_KEY:      "276861244411-b1m3bteiuvraajilmcf8rvh83v5n4dp2.apps.googleusercontent.com"
+GOOGLE_SECRET:   "A9_CLZNIvPAY-T09fBiaKPEI"

data/test/dummy/log/development.log

@@ -36996,3 +36996,131 @@ Started DELETE "/auth/sign_out" for 127.0.0.1 at 2014-07-16 19:46:53 -0500
 Processing by DeviseTokenAuth::SessionsController#destroy as HTML
   User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' LIMIT 1
 Completed 200 OK in 62ms (Views: 0.2ms | ActiveRecord: 0.2ms)
+
+
+Started GET "/auth/github?auth_origin_url=http://ng-token-auth.dev/" for 127.0.0.1 at 2014-07-16 22:53:35 -0500
+  ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+
+
+Started GET "/omniauth/github?auth_origin_url=http%3A%2F%2Fng-token-auth.dev%2F&resource_class=User" for 127.0.0.1 at 2014-07-16 22:53:35 -0500
+
+
+Started GET "/omniauth/github/callback?code=02a5d64d51b77f025bc9&state=504572f3299a8d58e182304f87a3f16754cdc137184f8240" for 127.0.0.1 at 2014-07-16 22:53:35 -0500
+Processing by DeviseTokenAuth::AuthController#omniauth_success as HTML
+  Parameters: {"code"=>"02a5d64d51b77f025bc9", "state"=>"504572f3299a8d58e182304f87a3f16754cdc137184f8240", "provider"=>"github"}
+  User Load (0.1ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' AND "users"."provider" = 'github'  ORDER BY "users"."id" ASC LIMIT 1
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  UPDATE "users" SET "confirmed_at" = ?, "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["confirmed_at", "2014-07-17 03:53:36.324507"], ["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"expiry\":1406778816}}"], ["updated_at", "2014-07-17 03:53:36.327135"]]
+   (1.8ms)  commit transaction
+  Rendered /Users/lynnhurley/Code/Auth/devise_token_auth/app/views/devise_token_auth/omniauth_success.html.erb within layouts/omniauth_response (1.3ms)
+Completed 200 OK in 92ms (Views: 7.1ms | ActiveRecord: 2.6ms)
+
+
+Started OPTIONS "/demo/members_only" for 127.0.0.1 at 2014-07-16 22:53:39 -0500
+
+
+Started GET "/demo/members_only" for 127.0.0.1 at 2014-07-16 22:53:40 -0500
+Processing by DemoController#members_only as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' LIMIT 1
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  UPDATE "users" SET "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$l0KoYQNx95TDUNrVg84Q3OpXyrCRajgW.Q4VABwYOQhsvFwfCuYS2\",\"expiry\":1406778820,\"last_token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"updated_at\":\"2014-07-16 22:53:40 -0500\"}}"], ["updated_at", "2014-07-17 03:53:40.140490"]]
+   (1.7ms)  commit transaction
+Completed 200 OK in 128ms (Views: 0.7ms | ActiveRecord: 2.3ms)
+
+
+Started GET "/demo/members_only" for 127.0.0.1 at 2014-07-16 22:53:42 -0500
+Processing by DemoController#members_only as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' LIMIT 1
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$l0KoYQNx95TDUNrVg84Q3OpXyrCRajgW.Q4VABwYOQhsvFwfCuYS2\",\"expiry\":1406778820,\"last_token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"updated_at\":\"2014-07-16 22:53:42 -0500\"}}"], ["updated_at", "2014-07-17 03:53:42.361753"]]
+   (1.6ms)  commit transaction
+Completed 200 OK in 67ms (Views: 0.7ms | ActiveRecord: 2.0ms)
+
+
+Started GET "/demo/members_only" for 127.0.0.1 at 2014-07-16 22:53:44 -0500
+  ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+Processing by DemoController#members_only as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' LIMIT 1
+   (0.1ms)  begin transaction
+  SQL (0.3ms)  UPDATE "users" SET "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$l0KoYQNx95TDUNrVg84Q3OpXyrCRajgW.Q4VABwYOQhsvFwfCuYS2\",\"expiry\":1406778820,\"last_token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"updated_at\":\"2014-07-16 22:53:44 -0500\"}}"], ["updated_at", "2014-07-17 03:53:44.339912"]]
+   (1.7ms)  commit transaction
+Completed 200 OK in 91ms (Views: 0.7ms | ActiveRecord: 2.6ms)
+
+
+Started OPTIONS "/auth/sign_out" for 127.0.0.1 at 2014-07-16 22:53:47 -0500
+
+
+Started DELETE "/auth/sign_out" for 127.0.0.1 at 2014-07-16 22:53:47 -0500
+Processing by DeviseTokenAuth::SessionsController#destroy as HTML
+  User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."uid" = '468037' LIMIT 1
+  User Load (0.1ms)  SELECT  "users".* FROM "users"  WHERE "users"."id" = 1  ORDER BY "users"."id" ASC LIMIT 1
+   (0.0ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$l0KoYQNx95TDUNrVg84Q3OpXyrCRajgW.Q4VABwYOQhsvFwfCuYS2\",\"expiry\":1406778820,\"last_token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"updated_at\":\"2014-07-16 22:53:44 -0500\"}}"], ["updated_at", "2014-07-17 03:53:47.593975"]]
+   (1.7ms)  commit transaction
+   (0.1ms)  begin transaction
+  SQL (0.2ms)  UPDATE "users" SET "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 1  [["tokens", "{\"w_an0weNUDKhTtD2swV-0w\":{\"token\":\"$2a$10$TuXDtuTVo7j9SgjGrpFfheb883mJm.o.NfK2WRf4tBnUyqG8VaoaS\",\"expiry\":1406673401,\"last_token\":\"$2a$10$H/aacu1zhX7sPIZLrcBJf.L6AMZIEpWK3Y3.WWEbISi4br5Y/oQbi\",\"updated_at\":\"2014-07-15 17:36:41 -0500\"},\"JpkotX_5GMZTxCA3Kr6LSg\":{\"token\":\"$2a$10$xLT6URzVbql5Avfp5mNlpu.GNFju.QdYhSCMQmF/0eC8LNGoxS5MW\",\"expiry\":1406767570,\"last_token\":\"$2a$10$pBPj.THu5cDlfWqmbcUt9uXw9oEjtvq1/GtXQtk7CbW68YSivSfvW\",\"updated_at\":\"2014-07-16 19:46:15 -0500\"},\"506KuB-C-2mKsW6PO5BHCg\":{\"token\":\"$2a$10$ltjKp73qzSd2h.YPgdFHWO/ZT68yJzOMt3W2oqJu3JwwQuvrwG46W\",\"expiry\":1406767597,\"last_token\":\"$2a$10$0mxS.YawQiGPNWLXvXHqzu.SzA9R2vEjXc1UvD6Jl1rhJOq7IC.ii\",\"updated_at\":\"2014-07-16 19:46:37 -0500\"},\"D5CEgvw0vNDrg9YW4spS_g\":{\"token\":\"$2a$10$l0KoYQNx95TDUNrVg84Q3OpXyrCRajgW.Q4VABwYOQhsvFwfCuYS2\",\"expiry\":1406778820,\"last_token\":\"$2a$10$YxRLETQUHNcrSe4NCfp36esWrmy3d5Fqij9N76xRzTu1Ql1COPYVa\",\"updated_at\":\"2014-07-16 22:53:47 -0500\"}}"], ["updated_at", "2014-07-17 03:53:47.597826"]]
+   (0.7ms)  commit transaction
+Completed 200 OK in 69ms (Views: 0.2ms | ActiveRecord: 3.3ms)
+
+
+Started GET "/auth/facebook?auth_origin_url=http://ng-token-auth.dev/" for 127.0.0.1 at 2014-07-16 22:53:50 -0500
+
+
+Started GET "/omniauth/facebook?auth_origin_url=http%3A%2F%2Fng-token-auth.dev%2F&resource_class=User" for 127.0.0.1 at 2014-07-16 22:53:50 -0500
+
+
+Started GET "/auth/developer?auth_origin_url=http://ng-token-auth.dev/" for 127.0.0.1 at 2014-07-16 22:53:53 -0500
+
+
+Started GET "/omniauth/developer?auth_origin_url=http%3A%2F%2Fng-token-auth.dev%2F&resource_class=User" for 127.0.0.1 at 2014-07-16 22:53:53 -0500
+
+
+Started POST "/omniauth/developer/callback" for 127.0.0.1 at 2014-07-16 22:54:00 -0500
+
+ActionController::RoutingError (No route matches [POST] "/omniauth/developer/callback"):
+  actionpack (4.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'
+  actionpack (4.1.4) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
+  railties (4.1.4) lib/rails/rack/logger.rb:38:in `call_app'
+  railties (4.1.4) lib/rails/rack/logger.rb:20:in `block in call'
+  activesupport (4.1.4) lib/active_support/tagged_logging.rb:68:in `block in tagged'
+  activesupport (4.1.4) lib/active_support/tagged_logging.rb:26:in `tagged'
+  activesupport (4.1.4) lib/active_support/tagged_logging.rb:68:in `tagged'
+  railties (4.1.4) lib/rails/rack/logger.rb:20:in `call'
+  actionpack (4.1.4) lib/action_dispatch/middleware/request_id.rb:21:in `call'
+  rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
+  rack (1.5.2) lib/rack/runtime.rb:17:in `call'
+  activesupport (4.1.4) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
+  rack (1.5.2) lib/rack/lock.rb:17:in `call'
+  actionpack (4.1.4) lib/action_dispatch/middleware/static.rb:64:in `call'
+  rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
+  railties (4.1.4) lib/rails/engine.rb:514:in `call'
+  railties (4.1.4) lib/rails/application.rb:144:in `call'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:155:in `handle'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:109:in `rescue in block (2 levels) in start'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:106:in `block (2 levels) in start'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:96:in `each'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:96:in `block in start'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:76:in `loop'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:76:in `start'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/lib/nack/server.rb:12:in `run'
+  /Users/lynnhurley/Library/Application Support/Pow/Versions/0.4.3/node_modules/nack/bin/nack_worker:4:in `<main>'
+
+
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/actionpack-4.1.4/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (0.9ms)
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/actionpack-4.1.4/lib/action_dispatch/middleware/templates/routes/_route.html.erb (3.8ms)
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/actionpack-4.1.4/lib/action_dispatch/middleware/templates/routes/_table.html.erb (6.1ms)
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/actionpack-4.1.4/lib/action_dispatch/middleware/templates/rescues/routing_error.html.erb within rescues/layout (48.0ms)
+
+
+Started GET "/" for 127.0.0.1 at 2014-07-16 23:43:42 -0500
+  ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+Processing by Rails::WelcomeController#index as HTML
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/railties-4.1.4/lib/rails/templates/rails/welcome/index.html.erb (1.6ms)
+Completed 200 OK in 7ms (Views: 6.5ms | ActiveRecord: 0.0ms)
+
+
+Started GET "/" for 127.0.0.1 at 2014-07-17 18:37:26 -0500
+  ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
+Processing by Rails::WelcomeController#index as HTML
+  Rendered /opt/rubies/2.1.1/lib/ruby/gems/2.1.0/gems/railties-4.1.4/lib/rails/templates/rails/welcome/index.html.erb (2.0ms)
+Completed 200 OK in 11ms (Views: 10.8ms | ActiveRecord: 0.0ms)