EasyTokens provides an interface for managing tokens and verifying them in your Rails 4 app. You can issue a token for external apps/users and verify this token's presence in a given context.
Mount the EasyTokens engine in your routes:

```ruby
mount EasyTokens::Engine, at: '/et'
```

Install the required migrations:

```sh
bin/rake easy_tokens:install:migrations
bin/rake db:migrate
```

Go to the engine route in your app, e.g. http://myapp.com/et.
Generate a token for your client. From now on, the client can add the token to a resource request in order to get it, in the following way:

```
http://myapp.com/my_resources?token=generated_token
```

To verify the token for your controller resources, all you need is:

```ruby
check_token_on :foo, :bar, :baz
```
- The engine checks whether `params` contain a `token` attribute
- The token is validated against the database
- If the token is valid, the requested resource is returned; otherwise the engine returns a `400` (no token) or `401` (invalid token) response
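The check described above, sketched in plain Ruby as an added example (not EasyTokens' own code). `TokenStore`, `token_status` and `redact_token` are hypothetical names; storing only SHA-256 digests and redacting the token from logged URLs are assumptions about how one might harden this flow, not documented engine behaviour.

```ruby
require 'digest'
require 'securerandom'
require 'uri'

# Hypothetical in-memory stand-in for a tokens table (assumption, not the engine's schema).
# Only SHA-256 digests are kept, so a leaked table does not reveal usable tokens.
class TokenStore
  def initialize
    @digests = {}
  end

  # Issue a random token for a client; the plaintext is returned only once.
  def issue(client)
    token = SecureRandom.urlsafe_base64(32)
    @digests[Digest::SHA256.hexdigest(token)] = client
    token
  end

  # Look the presented token up by its digest.
  def valid?(token)
    @digests.key?(Digest::SHA256.hexdigest(token))
  end
end

# Mirrors the documented outcome: 400 without a token, 401 for an
# unknown one, 200 otherwise. Non-string values (e.g. token[]=x) and
# empty strings are treated as "no token" (assumption).
def token_status(params, store)
  token = params['token']
  return 400 unless token.is_a?(String) && !token.empty?
  store.valid?(token) ? 200 : 401
end

# Replace the token value before a URL is written to a log,
# since query-string tokens otherwise end up in access logs.
def redact_token(url)
  uri = URI.parse(url)
  return url unless uri.query
  pairs = URI.decode_www_form(uri.query).map do |key, value|
    [key, key == 'token' ? 'REDACTED' : value]
  end
  uri.query = URI.encode_www_form(pairs)
  uri.to_s
end
```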
If you want to override EasyTokens settings, create an initializer in your Rails app:

```ruby
# config/initializers/easy_tokens.rb
EasyTokens.token_owner_method = 'current_user'
EasyTokens.token_owner_class = 'User'
EasyTokens.owner_authorization_method = 'admin?'
```
If you make improvements to this application, please share with others.
- Fork the project on GitHub.
- Make your feature addition or bug fix.
- Commit with Git.
- Send the author a pull request.
If you add functionality to this application, create an alternative implementation, or build an application that is similar, please contact me and I’ll add a note to the README so that others can find your work.
MIT - see license