-
-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generate authentication with api and cookie at the same time #17
Comments
Good point, I love this approach too (shared controllers), the problem is I'll need to maintain 3 different templates html/api/mixed. You will need to do it your self, your can use the same models and views but the controllers must be changed, you will need to implement something like: def authenticate
if authenticate_with_token || authenticate_with_cookies
# Great! You're in
elsif !performed?
request_api_authentication || request_cookie_authentication
end
end
def authenticate_with_token
if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
Current.session = session
end
end
def authenticate_with_cookies
if session = Session.find_by_id(cookies.signed[:session_token])
Current.session = session
end
end
def request_api_authentication
request_http_token_authentication if request.format.json?
end
def request_cookie_authentication
redirect_to sign_in_path
end I can implement it in the future, but I believe this approach is the less common nowadays (sadly). |
Oh, I understand. It would definitely be a nice thing to have. I'll try implementing something like that for now. I'll keep an eye on the progress of this. Thanks! |
Hi,
My Rails app has an api and html views. I make the difference using the json formats. Will it be possible to mix both authentication strategies somehow in the same controller? If the format is json return json, otherwise html, and always return the token, or otherwise return it only if the format is json. The other option would be to have a separate controller for api and html, but this doesn't sound so nice.
What do you think? Thanks!
The text was updated successfully, but these errors were encountered: