From 7d2dd9d67681629ef24ba321340a7c599a2e7c78 Mon Sep 17 00:00:00 2001
From: Arthur Neves
Date: Fri, 11 Oct 2013 14:00:00 -0400
Subject: [PATCH] Update devise to 3.1.1, and remove token_authenticatable module
---
 Gemfile.lock | 4 ++--
 app/controllers/application_controller.rb | 9 +++++++++
 app/models/user.rb | 20 +++++++++++++++++++-
 config/initializers/_load_config.rb | 2 +-
 config/initializers/devise.rb | 4 ----
 5 files changed, 31 insertions(+), 8 deletions(-)
diff --git a/Gemfile.lock b/Gemfile.lock
index cf86d52..7409263 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -94,7 +94,7 @@ GEM
 debugger-linecache (1.2.0)
 debugger-ruby_core_source (1.2.3)
 decent_exposure (2.3.0)
- devise (3.1.0)
+ devise (3.1.1)
 bcrypt-ruby (~> 3.0)
 orm_adapter (~> 0.1)
 railties (>= 3.2.6, < 5)
@@ -187,7 +187,7 @@ GEM
 rails (>= 3.2.0)
 railties (>= 3.2.0)
 moped (1.5.1)
- multi_json (1.8.0)
+ multi_json (1.8.1)
 multi_xml (0.5.5)
 multipart-post (1.2.0)
 net-scp (1.1.2)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f2e3e82..563dd60 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,7 @@
 class ApplicationController < ActionController::Base
 protect_from_forgery
+ before_filter :authenticate_user_from_token!
 before_filter :authenticate_user!
 before_filter :set_time_zone
@@ -45,4 +46,12 @@ protected
 Time.zone = current_user.time_zone if user_signed_in?
 end
+ def authenticate_user_from_token!
+ user_token = params[User.token_authentication_key].presence
+ user = user_token && User.find_by(authentication_token: user_token)
+
+ if user
+ sign_in user, store: false
+ end
+ end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 003d00c..15d8de1 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
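Review bot: In `authenticate_user_from_token!` the value of `params[User.token_authentication_key]` goes into `User.find_by` without being coerced to a String, so a nested request parameter would reach the query as a Hash instead of a token value; `user_token = params[User.token_authentication_key].to_s.presence` rules that out. The model looks like a Mongoid document, and there `find_by` can raise on a miss depending on the `raise_not_found_error` setting, so an unknown token may produce an error instead of falling through to `authenticate_user!`; `User.where(authentication_token: user_token).first`, the form `user.rb` uses in this same patch, returns nil. Matching the token inside the database query is also not a constant-time comparison, which `Devise.secure_compare` on a record found by a second, non-secret key would give. Because the token travels in request parameters, `:auth_token` should be listed in `config.filter_parameters` if it is not already; that file is outside this diff.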
@@ -34,6 +34,7 @@ class User
 ### Token_authenticatable
 field :authentication_token, :type => String
+ index :authentication_token => 1
 before_save :ensure_authentication_token
@@ -78,5 +79,22 @@ class User
 self[:github_login] = login
 end
-end
+ def ensure_authentication_token
+ if authentication_token.blank?
+ self.authentication_token = generate_authentication_token
+ end
+ end
+
+ def self.token_authentication_key
+ :auth_token
+ end
+ private
+
+ def generate_authentication_token
+ loop do
+ token = Devise.friendly_token
+ break token unless User.where(authentication_token: token).first
+ end
+ end
+end
diff --git a/config/initializers/_load_config.rb b/config/initializers/_load_config.rb
index 34fb360..a6ab75e 100644
--- a/config/initializers/_load_config.rb
+++ b/config/initializers/_load_config.rb
@@ -53,7 +53,7 @@ unless defined?(Errbit::Config)
 # Set default devise modules
 Errbit::Config.devise_modules = [:database_authenticatable, :recoverable, :rememberable, :trackable,
- :validatable, :token_authenticatable, :omniauthable]
+ :validatable, :omniauthable]
 end
 # Set default settings from config.example.yml if key is missing from config.yml
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index b5393b9..850b2d8 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -185,10 +185,6 @@ Devise.setup do |config|
 # Require the `devise-encryptable` gem when using anything other than bcrypt
 # config.encryptor = :sha512
- # ==> Configuration for :token_authenticatable
- # Defines name of the authentication token params key
- config.token_authentication_key = :auth_token
-
 # ==> Scopes configuration
 # Turn scoped views on. Before rendering "sessions/new", it will first check for
 # "users/sessions/new". It's turned off by default because it's slower if you
--
libgit2 0.21.2
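Review bot: The added `index :authentication_token => 1` is not unique, so the only thing keeping two users from sharing a token is the lookup in `generate_authentication_token` in the next hunk, and that check runs before the save rather than as part of it. If this is a Mongoid model, as `field` and `index` suggest, `index({ :authentication_token => 1 }, { :unique => true, :sparse => true })` would have the database enforce uniqueness; `sparse` covers users that have no token yet. Either form only takes effect once the index is built on existing databases, which Mongoid does through the `db:mongoid:create_indexes` rake task.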
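Review bot: `generate_authentication_token` loads a full user document with `User.where(authentication_token: token).first` only to test for presence; `break token unless User.where(authentication_token: token).exists?` expresses the same check without materialising the record. The three new methods also have no comments, and `ensure_authentication_token` would benefit from one stating that the token is stored as generated and is only created when blank, so nothing visible in this diff rotates or resets it. Saying that above the method tells the next maintainer what replaced Devise's `token_authenticatable` and that the token should be treated like a password. The `class User` body starts outside the hunk.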