Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Q: Authentication tokens do not change on every login, is it normal? (R: Yes, until you reset them.) #129

Closed
shoobm opened this issue Nov 5, 2014 · 6 comments
Labels
question When closed, this issue will become part of the FAQ.

Comments

@shoobm
Copy link

shoobm commented Nov 5, 2014

Hi

I'm using devise and this gem both for the first time and I'm a little bit confused here.

  1. I added this line in the application_controller.rb

    acts_as_token_authentication_handler_for User

    but it gave an undefined method error, so i removed it and wrote a method to verify the token. I dont know what went wrong.

  2. I'm getting the same token for a user on every login. Is token generation not handled by devise or this gem or is something wrong?

@gonzalo-bulnes
Copy link
Owner

Hello @shoobm,

Authentication tokens are a representation of the user credentials. They are meant to be stored by clients in place of the username and password, and because of that they do not change until you decide that they have to - that's to say when you decide that the person who uses the client should provide her password and username again.

If you want to change the authentication token for any user, however, all you need to do is setting it to nil. When the user will be saved, a new token will be generated automatically. See #52

That being said, if you are not familar with Devise, I strongly recommend you to first use it without extensions to get familiar with it. Devise is a great but complex piece of software on the first approach. Then add Simple Token Authentication to the mix.

The closed issues which contain questions are tagged in way that allow to browse them as a FAQ section. Some aspects of the Simple Token Authentication mecanics which are described in the README are developped in the questions, and navigating through them is a good starting point to get used to both token authentication and the way this gem provides it.

If things remain unclear, please feel welcome to re-open the corresponding issue in the FAQ.

Regards!

@gonzalo-bulnes gonzalo-bulnes added the question When closed, this issue will become part of the FAQ. label Nov 5, 2014
@gonzalo-bulnes
Copy link
Owner

About the undefined method error, you didn't mention which method was missing, but it's likely to be a Devise setup issue (missing the current_user method for example), or a configuration error (see #42 in the FAQ for example).

@shoobm
Copy link
Author

shoobm commented Nov 5, 2014

Ok, I'll look into it. The undefined method error was given for

acts_as_token_authentication_handler_for

@gonzalo-bulnes
Copy link
Owner

Are you using Rails, or Rails::API? Support for the last one is work in progress. I'll post to #54 when ready.

@shoobm
Copy link
Author

shoobm commented Nov 6, 2014

I'm using Rails::API. Ok.. thanks.

@gonzalo-bulnes
Copy link
Owner

Hi @shoobm,

I'll close this issue and edit its title to make it easier to find.

Of course, since our last messages, v1.7.0 was released which supports Rails::API.

Regards!

@gonzalo-bulnes gonzalo-bulnes changed the title Generating same token on every login Q: Authentication tokens do not change on every login, is it normal? (R: Yes, until you reset them.) Dec 4, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question When closed, this issue will become part of the FAQ.
Projects
None yet
Development

No branches or pull requests

2 participants