letmein icon indicating copy to clipboard operation
letmein copied to clipboard

Published 20 hours ago verified publisher icon GBH

Token-Based Authentication

Open kendagriff opened this issue 13 years ago • 0 comments

I love that letmein it stays out of the way of controllers and views. I'm adding API interactions to a new project, and it seemed like letmein was a great project for token-based authentication. Essentially, passing a pre-generated token alone to the UserSession object will grant access.

The way I've implemented it is by introducing two accessors:

LetMeIn.configure do |c|
  c.models = ['User', 'Admin']
  c.attributes = ['email', 'username']
  c.passwords = ['password_hash', 'pass_hash']
  c.salts = ['password_salt', 'pass_salt']
  c.tokens = ['auth_token', 'token_auth']
  c.generate_tokens = [false, true]
end

generate_tokens turns the feature on or off. It's false by default. If it's turned off, no token is generated. If a token is provided to UserSession, it will take precedence.

Let me know your thoughts, whether you'd prefer other changes or it simply misses the boat. If you'd like to include it, I'd be happy to write documentation.

kendagriff avatar Nov 17 '11 07:11 kendagriff