Merge pull request errbit#581 from arthurnn/devise_update

Update devise to 3.1.1, and remove token_authenticatable module
maxstudener · Oct 14, 2013 · 2498022 · 2498022
2 parents e1eba9d + 7d2dd9d
commit 2498022
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 8 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -94,7 +94,7 @@ GEM
     debugger-linecache (1.2.0)
     debugger-ruby_core_source (1.2.3)
     decent_exposure (2.3.0)
-    devise (3.1.0)
+    devise (3.1.1)
       bcrypt-ruby (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 3.2.6, < 5)
@@ -187,7 +187,7 @@ GEM
       rails (>= 3.2.0)
       railties (>= 3.2.0)
     moped (1.5.1)
-    multi_json (1.8.0)
+    multi_json (1.8.1)
     multi_xml (0.5.5)
     multipart-post (1.2.0)
     net-scp (1.1.2)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,6 +1,7 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
 
+  before_filter :authenticate_user_from_token!
   before_filter :authenticate_user!
   before_filter :set_time_zone
 
@@ -45,4 +46,12 @@ def set_time_zone
     Time.zone = current_user.time_zone if user_signed_in?
   end
 
+  def authenticate_user_from_token!
+    user_token = params[User.token_authentication_key].presence
+    user       = user_token && User.find_by(authentication_token: user_token)
+
+    if user
+      sign_in user, store: false
+    end
+  end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -34,6 +34,7 @@ class User
   ### Token_authenticatable
   field :authentication_token, :type => String
 
+  index :authentication_token => 1
 
   before_save :ensure_authentication_token
 
@@ -78,5 +79,22 @@ def github_login=(login)
     self[:github_login] = login
   end
 
-end
+  def ensure_authentication_token
+    if authentication_token.blank?
+      self.authentication_token = generate_authentication_token
+    end
+  end
+
+  def self.token_authentication_key
+    :auth_token
+  end
 
+  private
+
+  def generate_authentication_token
+    loop do
+      token = Devise.friendly_token
+      break token unless User.where(authentication_token: token).first
+    end
+  end
+end
diff --git a/config/initializers/_load_config.rb b/config/initializers/_load_config.rb
@@ -53,7 +53,7 @@
   # Set default devise modules
   Errbit::Config.devise_modules = [:database_authenticatable,
                                    :recoverable, :rememberable, :trackable,
-                                   :validatable, :token_authenticatable, :omniauthable]
+                                   :validatable, :omniauthable]
 end
 
 # Set default settings from config.example.yml if key is missing from config.yml

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -185,10 +185,6 @@
   # Require the `devise-encryptable` gem when using anything other than bcrypt
   # config.encryptor = :sha512
 
-  # ==> Configuration for :token_authenticatable
-  # Defines name of the authentication token params key
-  config.token_authentication_key = :auth_token
-
   # ==> Scopes configuration
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
   # "users/sessions/new". It's turned off by default because it's slower if you