Comments (7)
So I've commented out this line and now I can use :authenticate_whatever at my own will through the controllers.
But thinking that this use-case does not apply to anyone else makes me think what I'm doing wrong...
from simple_token_authentication.
@lfglopes unfortunately, this is because the actual filter getting registered is the authenticate_entity!
method and not the authenticate_user!
method. The former calls the latter.
@gonzalo-bulnes I'm curious to why you do not allow the user to be responsible for injecting these filters? This behavior forces an opt-out instead of opt-in behavior, which isn't expected coming from devise.
from simple_token_authentication.
Hello @lfglopes,
Instead of adding acts_as_token_authentication_hander_for :model
to your base controller, you can add it specifically to the controllers which require it. (Several controllers can be token authentication handlers for a given model.) Once that done, you should be able to skip the Devise authentication step where necessary. Depending on the authentication behaviour you want to create that could permit you to avoid the issue; or might not be enough. Is this of any help?
from simple_token_authentication.
The pull-request #61 addresses two issues which were present in this question/discussion:
- the possibility to create excpetions when using
acts_as_token_authentication_handler_for Model
- the possibility to specifically skip the Devise authentication fallback
Since the second topic was discussed in #49 (and will be solved soon thanks to #61), I suggest we focus this issue topic on the first point: the possibility to create exceptions when using acts_as_token_authentication_handler_for Model
.
A possible implementation was submitted by @donbobka in #61, which, I think, could be improved.
Comments would be welcome about which syntax (for usage) you would expect the option to have!
from simple_token_authentication.
I propose replace parameter :before_filter
in my PR to parameters :only
/:except
Possible usages:
# Only specified actions
acts_as_token_authentication_handler_for User, only: [:actions, :with, :token, :auth]
# All actions except specified actions
acts_as_token_authentication_handler_for User, except: [:actions, :without, :token, :auth]
# Manual mode
acts_as_token_authentication_handler_for User, only: :none
before_filter :authenticate_entity_from_token!, only: [:actions, :with, :token, :auth]
from simple_token_authentication.
Hi @donbobka,
Yes, I think that's a much better syntax. I like the only: :none
option, yet have you some specific scenario in mind where it must be used?
from simple_token_authentication.
only: :none
and except: :all
it's a standard logic of only/except parameters for before_filter
PR #62
from simple_token_authentication.
Related Issues (20)
- Is that gem work with API? HOT 4
- Mongoid does support Rails 6 now/soon HOT 3
- uninitialized constant SimpleTokenAuthentication::Adapters HOT 5
- Gem doesn't protect data?
- separate registration and signin so no token is received by client when registering
- how to auth 2 different models with same alias ?
- acts_as_token_authenticatable causes a DEPRECATION WARNING
- Q: How to do not require user_email? HOT 1
- Getting 401 unauthorized Error
- Where should I store the token on the frontend? HOT 3
- Entering fallback! with token_correct? set to true HOT 1
- 406 Errors on Authentication Test
- The mongoid range of supported versions needs review
- Discussions are set up! HOT 1
- Identify support requests, feature requests in issues and pull requests HOT 1
- Update the contributing guidelines to mention Discussions etc.
- Add (actual) example of maintenance trade-off for discussion HOT 1
- split responsibilities of acts_as_token_authentication_handler_for method HOT 1
- Rails 7 support? HOT 30
- Can we use JWT as a user token?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from simple_token_authentication.