0.0
No commit activity in last 3 years
No release in over 3 years
Simple token authentication designed to work with mongoid. This gem simply provides a simple interface for authentication.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

Runtime

~> 3.1.7
~> 6.1.0
~> 5.0.2
 Project Readme

RedTokenAuth

This gem is currently under development.

Token based authentication gem for a Rails + Mongoid.

We decided to build this gem after trying to use some some other token authentication gems that needed Devise and it didn't work out well with Mongoid.

RedTokenAuth goal is to provide a simple authentication interface for Rails using Mongoid.

Installation

Add this line to your application's Gemfile:

gem 'red_token_auth'

And then execute:

$ bundle

Or install it yourself as:

$ gem install red_token_auth

Usage

You'll be able to include the module in the model like so.

(Pay attention to the fields, because ALL of them are REQUIRED for the proper use of this gem.

class User
  include Mongoid::Document
  include RedTokenAuth

  # Mandatory fields for this gem.
  field :email,                        type: String
  field :password_digest,              type: String
  field :reset_password_token,         type: String
  field :reset_password_token_sent_at, type: Time
  field :authentication_token,         type: String
  field :uid,                          type: String
  # Default must be "email".
  field :provider,                     type: String, default: "email"
end

And you must include other module in your controller:

class ApplicationController < ActionController::API
  include RedTokenAuth::Controllers::Authentication
end

Authenticating the user:

class UsersController < ApplicationController
  before_action only: [:update] { authenticate! :admin }
  before_action only: [:show]   { authenticate! :user }

  def update
    @admin = current_admin
    # Code ...
  end

  def show
    @user = current_user
  end
end

By using the authenticate!(:user) in your controller, you'll have access to current_user.

Included methods

  • User#sign_in

    It'll return User#create_new_authentication_token if "password" matches the user password and an authentication_token will be generated for the user. If it doesn't match, errors will be added to User#errors and false will be returned.

    user.sign_in("password")
  • User#sign_out

    The user's authentication_token will be set to nil. Returns true if the update is successful and false Otherwise.

    user.sign_out
  • User#generate_password_token

    A random token will be generated and stored in User#reset_password_token. You'll probably be sending this token to the user via email or push notifications so they can then change their password.

    user.generate_password_token
  • User#update_password

    This method is used when the user wants to update their password. If the current password doesn't match errors will be added to User#errors and false will be returned. Otherwise it'll return true.

    user.update_password(current_password: "password", password: "new_password", password_confirmation: "new_password")
  • User#reset_password

    This method is used after the User#generate_password_token and the User#reset_password_token now stores a token.

    user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
  • User#create_new_authentication_token

    This method will create new authentication token for the user and will return a hash that can be appended to the headers.

      user.create_new_authentication_token
      #=> {"access-token" => "==wei2989896756-_", "uid" => "email@email.com", "token-type" => "Bearer"}
    
      # In controller scope:
      request.headers.merge!(user.create_new_authentication_token)

Configuring

RedTokenAuth.configure do |config|
  config.email_regex = /\A[^@\s]+@[^@\s]+\z/
  config.password_length = 8..20
end

License

The gem is available as open source under the terms of the MIT License.