Class: Devise::Strategies::Doorkeeper

Inherits:

Authenticatable

• Object
• Authenticatable
• Devise::Strategies::Doorkeeper

Defined in:

lib/devise/strategies/doorkeeper.rb

Constant Summary

WARDEN_INVALID_TOKEN_MESSAGE =

:invalid_token

WARDEN_UNCONFIRMED_RESOURCE_MESSAGE =

:unconfirmed_resource

Instance Method Summary

• #authenticate! ⇒ Object
• #authentication_type ⇒ Object

  override base class implementation allow for Rails application to configure skipping session storage for doorkeeper requests see Devise skip_session_storage configuration.

• #clean_up_csrf? ⇒ Boolean

  override base class implementation API requests should not reset the user’s CSRF token which triggers rails to set the session_id key and send cookies to users.

• #valid? ⇒ Boolean

Instance Method Details

#authenticate! ⇒ Object

# File 'lib/devise/strategies/doorkeeper.rb', line 17

def authenticate!
  resource = resource_from_token
  if validate(resource)
    request.env['devise.skip_trackable'] = true
    if resource.active_for_authentication?
      success!(resource)
    else
      unconfirmed_resource
    end
  else
    invalid_token
  end
end

#authentication_type ⇒ Object

override base class implementation allow for Rails application to configure skipping session storage for doorkeeper requests see Devise skip_session_storage configuration

# File 'lib/devise/strategies/doorkeeper.rb', line 35

def authentication_type
  :doorkeeper
end

#clean_up_csrf? ⇒ Boolean

override base class implementation API requests should not reset the user’s CSRF token which triggers rails to set the session_id key and send cookies to users

Returns:

• (Boolean)

# File 'lib/devise/strategies/doorkeeper.rb', line 43

def clean_up_csrf?
  false
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/devise/strategies/doorkeeper.rb', line 12

def valid?
  credentials = ::Doorkeeper::OAuth::Token.from_request(request, *access_token_methods)
  credentials.present?
end