devise_token_auth_headers 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +2 -0
- data/Gemfile +3 -0
- data/Gemfile.lock +70 -0
- data/README.md +27 -0
- data/Rakefile +8 -0
- data/devise_token_auth_headers.gemspec +18 -0
- data/lib/devise_token_auth_headers.rb +12 -0
- data/lib/devise_token_auth_headers/header_token_authenticatable.rb +43 -0
- metadata +70 -0
data/.gitignore
ADDED
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,70 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
devise_header_token (1.0.0)
|
5
|
+
devise
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: http://rubygems.org/
|
9
|
+
specs:
|
10
|
+
actionpack (3.2.3)
|
11
|
+
activemodel (= 3.2.3)
|
12
|
+
activesupport (= 3.2.3)
|
13
|
+
builder (~> 3.0.0)
|
14
|
+
erubis (~> 2.7.0)
|
15
|
+
journey (~> 1.0.1)
|
16
|
+
rack (~> 1.4.0)
|
17
|
+
rack-cache (~> 1.2)
|
18
|
+
rack-test (~> 0.6.1)
|
19
|
+
sprockets (~> 2.1.2)
|
20
|
+
activemodel (3.2.3)
|
21
|
+
activesupport (= 3.2.3)
|
22
|
+
builder (~> 3.0.0)
|
23
|
+
activesupport (3.2.3)
|
24
|
+
i18n (~> 0.6)
|
25
|
+
multi_json (~> 1.0)
|
26
|
+
bcrypt-ruby (3.0.1)
|
27
|
+
builder (3.0.0)
|
28
|
+
devise (2.0.4)
|
29
|
+
bcrypt-ruby (~> 3.0)
|
30
|
+
orm_adapter (~> 0.0.3)
|
31
|
+
railties (~> 3.1)
|
32
|
+
warden (~> 1.1.1)
|
33
|
+
erubis (2.7.0)
|
34
|
+
hike (1.2.1)
|
35
|
+
i18n (0.6.0)
|
36
|
+
journey (1.0.3)
|
37
|
+
json (1.7.0)
|
38
|
+
multi_json (1.3.4)
|
39
|
+
orm_adapter (0.0.7)
|
40
|
+
rack (1.4.1)
|
41
|
+
rack-cache (1.2)
|
42
|
+
rack (>= 0.4)
|
43
|
+
rack-ssl (1.3.2)
|
44
|
+
rack
|
45
|
+
rack-test (0.6.1)
|
46
|
+
rack (>= 1.0)
|
47
|
+
railties (3.2.3)
|
48
|
+
actionpack (= 3.2.3)
|
49
|
+
activesupport (= 3.2.3)
|
50
|
+
rack-ssl (~> 1.3.2)
|
51
|
+
rake (>= 0.8.7)
|
52
|
+
rdoc (~> 3.4)
|
53
|
+
thor (~> 0.14.6)
|
54
|
+
rake (0.9.2.2)
|
55
|
+
rdoc (3.12)
|
56
|
+
json (~> 1.4)
|
57
|
+
sprockets (2.1.3)
|
58
|
+
hike (~> 1.2)
|
59
|
+
rack (~> 1.0)
|
60
|
+
tilt (~> 1.1, != 1.3.0)
|
61
|
+
thor (0.14.6)
|
62
|
+
tilt (1.3.3)
|
63
|
+
warden (1.1.1)
|
64
|
+
rack (>= 1.0)
|
65
|
+
|
66
|
+
PLATFORMS
|
67
|
+
ruby
|
68
|
+
|
69
|
+
DEPENDENCIES
|
70
|
+
devise_header_token!
|
data/README.md
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
devise_token_auth_headers
|
2
|
+
===================
|
3
|
+
|
4
|
+
Patches in support for token authentication via headers in addition to the basic auth or request params for Devise's `token_authenticatable` strategy.
|
5
|
+
|
6
|
+
Based on https://github.com/stvp/devise_header_token - if you need to _replace_ params/basic auth support with headers, so
|
7
|
+
token in parameters or in basic auth will not work, use it.
|
8
|
+
|
9
|
+
Usage
|
10
|
+
-----
|
11
|
+
|
12
|
+
In your Gemfile:
|
13
|
+
|
14
|
+
```ruby
|
15
|
+
gem 'devise'
|
16
|
+
gem 'devise_token_auth_headers'
|
17
|
+
```
|
18
|
+
|
19
|
+
In your `config/initializers/devise.rb`, set the authentication key as usual (or use default).
|
20
|
+
|
21
|
+
Now you can put your token in your headers. Gem generates two keys
|
22
|
+
to check in headers: source key as is was, and X-{source_key.camelize}. Of course it changes '-' to '_' and uses uppercase.
|
23
|
+
|
24
|
+
For example, if you use deault key @:auth_token@ then the header keys could be either "AUTH_TOKEN" or "X-AuthToken".
|
25
|
+
|
26
|
+
And it all should Just Work™.
|
27
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = "devise_token_auth_headers"
|
5
|
+
s.version = "1.0.0"
|
6
|
+
s.authors = ["Sergey Chernov"]
|
7
|
+
s.email = ["real.sergeych@gmail.com"]
|
8
|
+
s.homepage = "https://github.com/sergeych/devise_token_auth_headers"
|
9
|
+
s.summary = "Adds header token authentication for Devise :token_authenticable strategy"
|
10
|
+
s.description = "Patches Devise's token authentication strategy to add header-based token authentication to params/basic auth."
|
11
|
+
|
12
|
+
s.files = `git ls-files`.split("\n")
|
13
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
14
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
15
|
+
s.require_paths = ["lib"]
|
16
|
+
|
17
|
+
s.add_runtime_dependency "devise"
|
18
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
module Devise
|
2
|
+
module Models
|
3
|
+
# This is an awful way to load our code, but Devise defers loading its
|
4
|
+
# "strategies" until `devise` is called and provides no way to hook into
|
5
|
+
# that. So we're left with this.
|
6
|
+
alias_method :__original_devise, :devise
|
7
|
+
def devise(*modules)
|
8
|
+
__original_devise(*modules)
|
9
|
+
require 'devise_token_auth_headers/header_token_authenticatable'
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
module Devise
|
2
|
+
module Strategies
|
3
|
+
class HeaderTokenAuthenticatable < TokenAuthenticatable
|
4
|
+
# Devise accomplishes all the work of authentication through side-effects.
|
5
|
+
# What you see below is a much, much simpler version of how Devise's
|
6
|
+
# strategies normally work.
|
7
|
+
def valid?
|
8
|
+
super or begin
|
9
|
+
if !@header_keys
|
10
|
+
base = mapping.to.token_authentication_key.to_s
|
11
|
+
@header_keys = [base, "X_#{base.camelize}"].map { |x| "HTTP_#{x.upcase}" }
|
12
|
+
puts "Generated header auth keys: #{@header_keys.inspect}"
|
13
|
+
end
|
14
|
+
self.authentication_hash = {}
|
15
|
+
self.authentication_type = :token_auth
|
16
|
+
headers = header_values
|
17
|
+
@header_keys.each { |key|
|
18
|
+
if token = headers[key]
|
19
|
+
self.authentication_hash[mapping.to.token_authentication_key] = token
|
20
|
+
return true
|
21
|
+
end
|
22
|
+
}
|
23
|
+
false
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
private
|
28
|
+
|
29
|
+
# def header_key
|
30
|
+
# "HTTP_#{mapping.to.token_authentication_key.gsub('-', '_').upcase}"
|
31
|
+
# end
|
32
|
+
|
33
|
+
def header_values
|
34
|
+
env.select { |k, v| k =~ /^HTTP_/ }
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
# Overwrite the heathen basic auth / params token strategy with our kickin'-rad
|
41
|
+
# headers-only strategy.
|
42
|
+
Warden::Strategies.add(:token_authenticatable, Devise::Strategies::HeaderTokenAuthenticatable)
|
43
|
+
# Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)
|
metadata
ADDED
@@ -0,0 +1,70 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: devise_token_auth_headers
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Sergey Chernov
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
date: 2013-05-09 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
15
|
+
name: devise
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '0'
|
22
|
+
type: :runtime
|
23
|
+
prerelease: false
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ! '>='
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '0'
|
30
|
+
description: Patches Devise's token authentication strategy to add header-based token
|
31
|
+
authentication to params/basic auth.
|
32
|
+
email:
|
33
|
+
- real.sergeych@gmail.com
|
34
|
+
executables: []
|
35
|
+
extensions: []
|
36
|
+
extra_rdoc_files: []
|
37
|
+
files:
|
38
|
+
- .gitignore
|
39
|
+
- Gemfile
|
40
|
+
- Gemfile.lock
|
41
|
+
- README.md
|
42
|
+
- Rakefile
|
43
|
+
- devise_token_auth_headers.gemspec
|
44
|
+
- lib/devise_token_auth_headers.rb
|
45
|
+
- lib/devise_token_auth_headers/header_token_authenticatable.rb
|
46
|
+
homepage: https://github.com/sergeych/devise_token_auth_headers
|
47
|
+
licenses: []
|
48
|
+
post_install_message:
|
49
|
+
rdoc_options: []
|
50
|
+
require_paths:
|
51
|
+
- lib
|
52
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
53
|
+
none: false
|
54
|
+
requirements:
|
55
|
+
- - ! '>='
|
56
|
+
- !ruby/object:Gem::Version
|
57
|
+
version: '0'
|
58
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
59
|
+
none: false
|
60
|
+
requirements:
|
61
|
+
- - ! '>='
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: '0'
|
64
|
+
requirements: []
|
65
|
+
rubyforge_project:
|
66
|
+
rubygems_version: 1.8.24
|
67
|
+
signing_key:
|
68
|
+
specification_version: 3
|
69
|
+
summary: Adds header token authentication for Devise :token_authenticable strategy
|
70
|
+
test_files: []
|