From 7d2dd9d67681629ef24ba321340a7c599a2e7c78 Mon Sep 17 00:00:00 2001
From: Arthur Neves
Date: Fri, 11 Oct 2013 14:00:00 -0400
Subject: [PATCH] Update devise to 3.1.1, and remove token_authenticatable module
---
 Gemfile.lock | 4 ++--
 app/controllers/application_controller.rb | 9 +++++++++
 app/models/user.rb | 20 +++++++++++++++++++-
 config/initializers/_load_config.rb | 2 +-
 config/initializers/devise.rb | 4 ----
 5 files changed, 31 insertions(+), 8 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index cf86d52c6..7409263ae 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -94,7 +94,7 @@ GEM
 debugger-linecache (1.2.0)
 debugger-ruby_core_source (1.2.3)
 decent_exposure (2.3.0)
- devise (3.1.0)
+ devise (3.1.1)
 bcrypt-ruby (~> 3.0)
 orm_adapter (~> 0.1)
 railties (>= 3.2.6, < 5)
@@ -187,7 +187,7 @@ GEM
 rails (>= 3.2.0)
 railties (>= 3.2.0)
 moped (1.5.1)
- multi_json (1.8.0)
+ multi_json (1.8.1)
 multi_xml (0.5.5)
 multipart-post (1.2.0)
 net-scp (1.1.2)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f2e3e82f8..563dd60d9 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,7 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
+ before_filter :authenticate_user_from_token!
 before_filter :authenticate_user!
 before_filter :set_time_zone
@@ -45,4 +46,12 @@ def set_time_zone
 Time.zone = current_user.time_zone if user_signed_in?
 end
+ def authenticate_user_from_token!
+ user_token = params[User.token_authentication_key].presence
+ user = user_token && User.find_by(authentication_token: user_token)
+
+ if user
+ sign_in user, store: false
+ end
+ end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 003d00cab..15d8de18b 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
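Review bot: In app/controllers/application_controller.rb (hunk `@@ -1,6 +1,7 @@`), `before_filter :authenticate_user_from_token!` is registered on the base controller, so every action accepts the token from `params`, including from a query string, where it tends to end up in request logs and Referer headers. Nothing in this patch shows the parameter being filtered from logs; if it is not already, add `config.filter_parameters += [:auth_token]` to the application configuration. A comment above the filter such as `# Token auth runs first; authenticate_user! then falls back to the session` would record why the order matters.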
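Review bot: In `authenticate_user_from_token!` (hunk `@@ -45,4 +46,12 @@` of app/controllers/application_controller.rb), `params[User.token_authentication_key].presence` is handed to `User.find_by` without a type check, so a nested request parameter reaches the query as a Hash instead of a literal token. The `field`/`index` macros in app/models/user.rb suggest a Mongoid model, where a Hash value is treated as a query selector rather than compared for equality, so the lookup should run only for strings: `user_token = params[User.token_authentication_key]` followed by `user_token = nil unless user_token.is_a?(String) && user_token.present?`. Separately, the token is matched by the database rather than with a constant-time comparison; looking the user up by a non-secret identifier and checking the token with `Devise.secure_compare` avoids that.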
@@ -34,6 +34,7 @@ class User
 ### Token_authenticatable
 field :authentication_token, :type => String
+ index :authentication_token => 1
 before_save :ensure_authentication_token
@@ -78,5 +79,22 @@ def github_login=(login)
 self[:github_login] = login
 end
-end
+ def ensure_authentication_token
+ if authentication_token.blank?
+ self.authentication_token = generate_authentication_token
+ end
+ end
+
+ def self.token_authentication_key
+ :auth_token
+ end
+ private
+
+ def generate_authentication_token
+ loop do
+ token = Devise.friendly_token
+ break token unless User.where(authentication_token: token).first
+ end
+ end
+end
diff --git a/config/initializers/_load_config.rb b/config/initializers/_load_config.rb
index 34fb360c0..a6ab75eac 100644
--- a/config/initializers/_load_config.rb
+++ b/config/initializers/_load_config.rb
@@ -53,7 +53,7 @@
 # Set default devise modules
 Errbit::Config.devise_modules = [:database_authenticatable, :recoverable, :rememberable, :trackable,
- :validatable, :token_authenticatable, :omniauthable]
+ :validatable, :omniauthable]
 end
 # Set default settings from config.example.yml if key is missing from config.yml
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index b5393b9a4..850b2d82d 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -185,10 +185,6 @@
 # Require the `devise-encryptable` gem when using anything other than bcrypt
 # config.encryptor = :sha512
- # ==> Configuration for :token_authenticatable
- # Defines name of the authentication token params key
- config.token_authentication_key = :auth_token
-
 # ==> Scopes configuration
 # Turn scoped views on. Before rendering "sessions/new", it will first check for
 # "users/sessions/new". It's turned off by default because it's slower if you
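Review bot: In app/models/user.rb (hunk `@@ -34,6 +34,7 @@`), `index :authentication_token => 1` creates a non-unique index, so token uniqueness rests only on the check-then-save loop in `generate_authentication_token` (second hunk of this file), which two concurrent saves can both pass. Declaring the index unique, and sparse so that existing users without a token do not collide, lets the database enforce it: `index({ :authentication_token => 1 }, { :unique => true, :sparse => true })`. Confirm the option syntax against the Mongoid version pinned in Gemfile.lock.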
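Review bot: In hunk `@@ -78,5 +79,22 @@` of app/models/user.rb, `ensure_authentication_token` only fills in a blank token, so nothing visible here ever rotates a token once issued, and it is stored as cleartext in `authentication_token`, meaning read access to the stored user records is enough to authenticate as any user. Consider storing a digest of the token and comparing digests, or at least documenting the lifetime above the method, e.g. `# Tokens are long-lived; clear authentication_token to force a new one on next save`. `self.token_authentication_key` now hard-codes the `:auth_token` value that the removed `config.token_authentication_key` setting in config/initializers/devise.rb used to supply; a one-line comment saying so would help the next reader.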