Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
No_Time2013-01-17 20:34:22
API
No_Time, 2013-01-17 20:34:22

How to make multiple sessions for one user in Devise(:database_authenticatable)?

Hello!
I am developing an apishka for a rail application (backend for a mobile client), in which authorization has long been performed by Devise. Everything is clear with the web version, it has been working like clockwork for a long time - a user can have several active sessions on different computers. But with mobile authorization, everything seems to be bad, at least for me. There is a basic User model:

devise :database_authenticatable,
         :registerable,
         :recoverable, 
         :rememberable, 
         :trackable, 
         :validatable, 
         :token_authenticatable,
         :omniauthable

In user_api_controller, respectively, there are authorization lines:
before_filter :authenticate_user!, except: [ :new, :sign_in ]

def sign_in

    if params[:user][:email].blank? and params[:user][:name].blank?
      return render status: 404, json: { error: "You must specify email or name"}
    end
    if params[:user][:email]
      user = User.find_by_email(email: params[:user][:email].downcase)
    elsif params[:user][:name]
      user = User.where("lower(name) = ?", params[:user][:name].downcase).first
    end

    if user.blank?
      return render status: 404, json: { error: "User not found" }
    end

    if user.valid_password? params[:user][:password]
      user.reset_authentication_token!
      return render status: 200, json: { token: user.authentication_token }
    else
      return render status: 401, json: { error: "Invalid password" }
    end

  end

Everything is fine, but the user can only have one session, I log in from one client (from the 5th iPhone of course) - I log in all the oki under the same name from another - on the first one, respectively, the token becomes invalid and everything is bad. Well, it's understandable, the database structure takes into account that the user only has an id token = (Can this situation be fixed with the help of rail magic? Or is it better to write a separate module independent of devise'a? to put in for storing tokens for api?
Maybe you know some good ready-made gems for api authorization?
thank you in advance!

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
idem2n, 2013-01-17
@idem2n

You don't need any magic, just implement your strategy for devise.
Here is an example with redis .

Similar questions
J
Just1n2018-09-09 19:42:06
How to set a command for a VKontakte bot? 1Reply
E
Eugene2018-09-12 19:40:46
How to get a link to a photo through the VK API? 1Reply
D
David Manzhula2016-04-15 22:01:25
How to get a list of all pages in google sites? 0Reply
F
flayzer2018-09-13 12:31:12
VK API, how to check messages in a conversation? 1Reply
M
mshmnv2020-08-12 12:45:30
It is reliably known that some API periodically falls off on a timeout or with a 5xx error.? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question