module Devise::Models::TokenAuthenticatable

The TokenAuthenticatable module is responsible for generating an authentication token and validating the authenticity of the same while signing in.

This module only provides a few helpers to help you manage the token, but it is up to you to choose how to use it.

If you want to delete the token after it is used, you can do so in the after_token_authentication callback.

APIs

If you are using token authentication with APIs and using trackable. Every request will be considered as a new sign in (since there is no session in APIs). You can disable this by creating a before filter as follow:

before_filter :skip_trackable

def skip_trackable
  request.env['devise.skip_trackable'] = true
end

Public Class Methods

required_fields(klass) click to toggle source
# File lib/devise/token_authenticatable/model.rb, line 55
def self.required_fields(klass)
  fields = [:authentication_token]

  unless Devise::TokenAuthenticatable.token_expires_in.blank?
    fields.push(:authentication_token_created_at)
  end

  fields
end

Public Instance Methods

after_token_authentication() click to toggle source

Hook called after token authentication.

# File lib/devise/token_authenticatable/model.rb, line 88
def after_token_authentication
end
ensure_authentication_token() click to toggle source

Generate authentication token unless already exists.

# File lib/devise/token_authenticatable/model.rb, line 78
def ensure_authentication_token
  reset_authentication_token if authentication_token.blank?
end
ensure_authentication_token!() click to toggle source

Generate authentication token unless already exists and save the record.

# File lib/devise/token_authenticatable/model.rb, line 83
def ensure_authentication_token!
  reset_authentication_token! if authentication_token.blank?
end
reset_authentication_token() click to toggle source

Generate new authentication token (a.k.a. “single access token”).

# File lib/devise/token_authenticatable/model.rb, line 66
def reset_authentication_token
  self.authentication_token = self.class.authentication_token
  self.authentication_token_created_at = Time.now unless token_expires_in.blank?
end
reset_authentication_token!() click to toggle source

Generate new authentication token and save the record.

# File lib/devise/token_authenticatable/model.rb, line 72
def reset_authentication_token!
  reset_authentication_token
  save(validate: false)
end
token_expires_in() click to toggle source
# File lib/devise/token_authenticatable/model.rb, line 91
def token_expires_in
  Devise::TokenAuthenticatable.token_expires_in
end

Private Instance Methods

ensure_authentication_token_before_save() click to toggle source
# File lib/devise/token_authenticatable/model.rb, line 101
def ensure_authentication_token_before_save
  ensure_authentication_token if Devise::TokenAuthenticatable.should_ensure_authentication_token
end
reset_authentication_token_before_save() click to toggle source
# File lib/devise/token_authenticatable/model.rb, line 97
def reset_authentication_token_before_save
  reset_authentication_token if Devise::TokenAuthenticatable.should_reset_authentication_token
end