module Devise::Models::TokenAuthenticatable
The TokenAuthenticatable
module is responsible for generating an authentication token and validating the authenticity of the same while signing in.
This module only provides a few helpers to help you manage the token, but it is up to you to choose how to use it.
If you want to delete the token after it is used, you can do so in the after_token_authentication
callback.
APIs¶ ↑
If you are using token authentication with APIs and using trackable. Every request will be considered as a new sign in (since there is no session in APIs). You can disable this by creating a before filter as follow:
before_filter :skip_trackable def skip_trackable request.env['devise.skip_trackable'] = true end
Public Class Methods
# File lib/devise/token_authenticatable/model.rb, line 55 def self.required_fields(klass) fields = [:authentication_token] unless Devise::TokenAuthenticatable.token_expires_in.blank? fields.push(:authentication_token_created_at) end fields end
Public Instance Methods
Hook called after token authentication.
# File lib/devise/token_authenticatable/model.rb, line 88 def after_token_authentication end
Generate authentication token unless already exists.
# File lib/devise/token_authenticatable/model.rb, line 78 def ensure_authentication_token reset_authentication_token if authentication_token.blank? end
Generate authentication token unless already exists and save the record.
# File lib/devise/token_authenticatable/model.rb, line 83 def ensure_authentication_token! reset_authentication_token! if authentication_token.blank? end
Generate new authentication token (a.k.a. “single access token”).
# File lib/devise/token_authenticatable/model.rb, line 66 def reset_authentication_token self.authentication_token = self.class.authentication_token self.authentication_token_created_at = Time.now unless token_expires_in.blank? end
Generate new authentication token and save the record.
# File lib/devise/token_authenticatable/model.rb, line 72 def reset_authentication_token! reset_authentication_token save(validate: false) end
# File lib/devise/token_authenticatable/model.rb, line 91 def token_expires_in Devise::TokenAuthenticatable.token_expires_in end
Private Instance Methods
# File lib/devise/token_authenticatable/model.rb, line 101 def ensure_authentication_token_before_save ensure_authentication_token if Devise::TokenAuthenticatable.should_ensure_authentication_token end
# File lib/devise/token_authenticatable/model.rb, line 97 def reset_authentication_token_before_save reset_authentication_token if Devise::TokenAuthenticatable.should_reset_authentication_token end