novozhenets/signinable

Signinable

Signinable is an authentication library for Ruby on Rails which allows token authentication for any user model.

Installation

Add this to your Gemfile and run the bundle command to install it.

gem "signinable"

And migrate the database.

The gem does not work with Rails < 3.

Requires Ruby 1.9.3 or later.

Usage

Call signinable in an ActiveRecord class to make your model token signinable.

class User < ActiveRecord::Base
  signinable
end

1. Instance methods

user.signin(ip, user_agent, referer)

This creates and returns a signin token, which you can store in the user's cookies or session. For example, in your session_controller:

class SessionsController < ApplicationController

  def create
    # check user credentials

    # create signin token and set it into cookies
    cookies[:signin_token] = user.signin(request.remote_ip, request.user_agent, request.referer)

    # more code here
  end

end

To sign out the user in your session_controller:

def destroy
  # your code here

  user.signout(cookies[:signin_token], request.remote_ip, request.user_agent)

  # more code here
end

This expires the passed token.

user.last_signin

This returns an instance of the Signin model, unless the user hasn't signed in yet.

2. Class methods

The token is passed to the authenticate_with_token method on the model class. For example, in your application_controller:

class ApplicationController < ActionController::Base
  # your code here

  before_action :require_login
  helper_method :current_user

  protected
  def current_user
    @current_user ||= User.authenticate_with_token(cookies[:signin_token], request.remote_ip, request.user_agent) if cookies[:signin_token]
  end

  # you should change this to whatever logic you need
  def require_login
    unless current_user
      session[:return_to] ||= request.referer
      redirect_to login_url
    end
  end

  # more code here
end

3. Options

Optional parameters can be passed to the signinable method.

signinable expiration: 1.day

The expiration time of a token is increased by the expiration value every time authenticate_with_token is called. The default is 2.hours.

signinable simultaneous: false

If false, all of the user's signin tokens except the last one expire once the user signs in. The default is true.

signinable restrictions: [:ip, :user_agent]

Restrictions can be passed as an array of parameters, which are checked every time the user tries to authenticate_with_token. This is done to prevent unauthorized access to tokens or to forbid using one token from different IPs or browsers. Possible values are ip and user_agent. The default is an empty array.

All options can be combined in any way.
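
How the three options interact, as an added example: a simplified in-memory model in plain Ruby, not the gem's own code. TokenStore and its method names are hypothetical, and it assumes "increased by expiration" means the expiry is reset to the time of the call plus the expiration value.

```ruby
require "securerandom"

# Simplified in-memory model of the expiration, simultaneous and restrictions
# options. TokenStore is hypothetical and not part of signinable.
class TokenStore
  Signin = Struct.new(:user_id, :ip, :user_agent, :expires_at)

  def initialize(expiration: 2 * 3600, simultaneous: true, restrictions: [])
    @expiration   = expiration     # seconds; the README default is 2.hours
    @simultaneous = simultaneous
    @restrictions = restrictions   # any of :ip, :user_agent
    @signins      = {}             # token => Signin
  end

  # Issue a token. With simultaneous: false, the user's other tokens
  # are expired first, so only the newest one stays valid.
  def signin(user_id, ip, user_agent, now: Time.now)
    unless @simultaneous
      @signins.each_value { |s| s.expires_at = now if s.user_id == user_id }
    end
    token = SecureRandom.urlsafe_base64(32)
    @signins[token] = Signin.new(user_id, ip, user_agent, now + @expiration)
    token
  end

  # Return the user id for a live token, or nil. Each configured restriction
  # must match the value recorded at signin. A successful call slides the
  # expiry forward (assumed reading of "increased by expiration").
  def authenticate(token, ip, user_agent, now: Time.now)
    s = @signins[token]
    return nil if s.nil? || s.expires_at <= now
    return nil if @restrictions.include?(:ip) && s.ip != ip
    return nil if @restrictions.include?(:user_agent) && s.user_agent != user_agent
    s.expires_at = now + @expiration
    s.user_id
  end

  # Expire the passed token immediately.
  def signout(token, now: Time.now)
    s = @signins[token]
    s.expires_at = now if s
    nil
  end
end
```

Both restriction values come from the request: User-Agent is client-supplied and remote_ip depends on how proxies are configured, so they limit casual token reuse rather than prove where a request came from.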
