API
No_Time, 2013-01-17 20:34:22

How to make multiple sessions for one user in Devise(:database_authenticatable)?

Hello!
I am developing an API for a Rails application (a backend for a mobile client), in which authorization has long been handled by Devise. Everything is clear with the web version; it has been working like clockwork for a long time: a user can have several active sessions on different computers. But with mobile authorization, everything seems to be bad, at least for me. There is a basic User model:

devise :database_authenticatable,
       :registerable,
       :recoverable,
       :rememberable,
       :trackable,
       :validatable,
       :token_authenticatable,
       :omniauthable

In user_api_controller, respectively, there are authorization lines:

before_filter :authenticate_user!, except: [ :new, :sign_in ]

def sign_in
  # Tolerate a request without a :user hash instead of raising NoMethodError
  credentials = params[:user] || {}

  if credentials[:email].blank? && credentials[:name].blank?
    return render status: 404, json: { error: "You must specify email or name" }
  end

  # Look the user up by email if one was given, otherwise by name (case-insensitive)
  if credentials[:email].present?
    user = User.find_by_email(credentials[:email].downcase)
  else
    user = User.where("lower(name) = ?", credentials[:name].downcase).first
  end

  if user.blank?
    return render status: 404, json: { error: "User not found" }
  end

  if user.valid_password? credentials[:password]
    # Replaces the user's single stored token, so a token issued to another client stops working
    user.reset_authentication_token!
    return render status: 200, json: { token: user.authentication_token }
  else
    return render status: 401, json: { error: "Invalid password" }
  end
end

Everything is fine, but the user can only have one session: I log in from one client (from an iPhone 5, of course) and everything is OK, then I log in under the same name from another, and on the first one, respectively, the token becomes invalid and everything is bad. Well, that's understandable: the database structure assumes that the user has only one token =( Can this situation be fixed with the help of Rails magic? Or is it better to write a separate module, independent of Devise, for storing tokens for the API?
Maybe you know some good ready-made gems for API authorization?
Thank you in advance!

1 answer(s)
idem2n, 2013-01-17
@idem2n

You don't need any magic, just implement your own strategy for Devise.
Here is an example with Redis.
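
A sketch of the per-device token storage that such a custom strategy could check against, added here as an example; it is not part of the original thread and not Devise's own API. The class `ApiTokenStore` and its method names are hypothetical, and an in-memory Hash stands in for Redis or a tokens table so that it runs offline.

```ruby
require "securerandom"
require "digest"

# Hypothetical per-device API token store (not Devise's API). A Hash stands in
# for Redis or a tokens table; only SHA-256 digests of tokens are kept.
class ApiTokenStore
  Session = Struct.new(:user_id, :device, :expires_at)

  def initialize(ttl: 30 * 24 * 3600, clock: -> { Time.now })
    @ttl = ttl
    @clock = clock
    @sessions = {} # SHA-256(token) => Session; the raw token is never stored
  end

  # Sign-in: add a session for this device without touching the user's others.
  def issue(user_id, device)
    token = SecureRandom.urlsafe_base64(32)
    @sessions[digest(token)] = Session.new(user_id, device, @clock.call + @ttl)
    token
  end

  # Per-request check: returns the user id, or nil for unknown or expired tokens.
  def authenticate(token)
    key = digest(token.to_s)
    session = @sessions[key]
    return nil unless session
    return session.user_id if session.expires_at > @clock.call
    @sessions.delete(key) # expired: forget it
    nil
  end

  # Sign-out on one device only; true if a session was removed.
  def revoke(token)
    !@sessions.delete(digest(token.to_s)).nil?
  end

  # Password change or suspected compromise: drop every session of the user.
  def revoke_all(user_id)
    @sessions.delete_if { |_, session| session.user_id == user_id }
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```

In a real application the Hash would be replaced by a shared store, with the digest as the key and the expiry enforced by the store where it supports that.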
