Class: HaveAPI::Authentication::Token::Provider

Inherits:
Base
  • Object
Defined in:
lib/haveapi/authentication/token/provider.rb

Overview

Provider for token authentication. This class has to be subclassed and implemented.

Token authentication provides the resource token. A user requests a token by calling the action Resources::Token::Request. The returned token is then used to authenticate the user: the client sends it with each request in the configured #http_header or #query_parameter.

Token can be revoked by calling Resources::Token::Revoke.

Example usage:

Token model:

class ApiToken < ActiveRecord::Base
  belongs_to :user

  validates :user_id, :token, presence: true
  validates :token, length: {is: 100}

  enum lifetime: %i(fixed renewable_manual renewable_auto permanent)

  def renew
    self.valid_to = Time.now + interval
  end
end

Authentication provider:

class MyTokenAuth < HaveAPI::Authentication::Token::Provider
  protected

  # Store a newly issued token for the user
  def save_token(request, user, token, lifetime, interval)
    user.tokens << ::ApiToken.new(
      token: token,
      lifetime: lifetime,
      valid_to: (lifetime != 'permanent' ? Time.now + interval : nil),
      interval: interval,
      label: request.user_agent
    )
  end

  def revoke_token(request, user, token)
    user.tokens.where(token: token).destroy_all
  end

  # Return the new valid_to when the token is renewable
  def renew_token(request, user, token)
    t = ::ApiToken.find_by(user: user, token: token)

    if t && t.lifetime.start_with?('renewable')
      t.renew
      t.save
      t.valid_to
    end
  end

  # Simplified lookup; a real application verifies a password hash instead
  def find_user_by_credentials(request, username, password)
    ::User.find_by(login: username, password: password)
  end

  def find_user_by_token(request, token)
    t = ::ApiToken.find_by(token: token)

    if t
      # Note: valid_to is not checked here, so expired tokens are still accepted
      # Renew the token if needed
      if t.lifetime == 'renewable_auto'
        t.renew
        t.save
      end

      t.user # return the user
    end
  end
end

Finally put the provider in the authentication chain:

api = HaveAPI.new(...)
...
api.auth_chain << MyTokenAuth
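The example provider above stores tokens verbatim and does not compare valid_to with the current time when a token is looked up. The following sketch is an added example, not code from HaveAPI or its documentation: it shows the same four storage hooks with digest-only storage and expiry enforcement. TokenStore, Record and the clock parameter are hypothetical names, and an in-memory Hash stands in for the ActiveRecord model.

```ruby
require 'digest'

# In-memory stand-in for the token table, keyed by SHA-256 digest of the token.
class TokenStore
  Record = Struct.new(:user, :lifetime, :interval, :valid_to)

  def initialize(clock: -> { Time.now })
    @clock = clock
    @records = {}
  end

  # Counterpart of save_token: returns the expiry time (nil for permanent).
  def save(user, token, lifetime, interval)
    valid_to = lifetime == 'permanent' ? nil : @clock.call + interval
    @records[digest(token)] = Record.new(user, lifetime, interval, valid_to)
    valid_to
  end

  # Counterpart of find_user_by_token: nil for unknown or expired tokens.
  def find_user(token)
    rec = live_record(token) or return nil
    rec.valid_to = @clock.call + rec.interval if rec.lifetime == 'renewable_auto'
    rec.user
  end

  # Counterpart of renew_token: only the owner may extend a live renewable token.
  def renew(user, token)
    rec = live_record(token)
    return nil unless rec && rec.user == user && rec.lifetime.start_with?('renewable')
    rec.valid_to = @clock.call + rec.interval
  end

  # Counterpart of revoke_token: true if the owner's live token was removed.
  def revoke(user, token)
    rec = live_record(token)
    !!(rec && rec.user == user && @records.delete(digest(token)))
  end

  private
  def digest(token)
    Digest::SHA256.hexdigest(token.to_s)
  end

  def live_record(token)
    rec = @records[digest(token)]
    return rec if rec.nil? || rec.valid_to.nil? || rec.valid_to > @clock.call
    @records.delete(digest(token)) # expired: drop the record
    nil
  end
end
```

Because only the digest is kept, a copy of the token table cannot be replayed against the API; the client still sends the original token value.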

Instance Attribute Summary

Attributes inherited from Base

#name, #resources

Instance Method Summary

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from HaveAPI::Authentication::Base

Instance Method Details

#authenticate(request) ⇒ Object



# File 'lib/haveapi/authentication/token/provider.rb', line 89

def authenticate(request)
  t = token(request)

  t && find_user_by_token(request, t)
end

#describe ⇒ Object



# File 'lib/haveapi/authentication/token/provider.rb', line 99

def describe
  {
      http_header: http_header,
      query_parameter: query_parameter,
  }
end

#setup ⇒ Object



# File 'lib/haveapi/authentication/token/provider.rb', line 82

def setup
  Resources::Token.token_instance ||= {}
  Resources::Token.token_instance[@version] = self

  @server.allow_header(http_header)
end

#token(request) ⇒ Object



# File 'lib/haveapi/authentication/token/provider.rb', line 95

def token(request)
  request[query_parameter] || request.env[header_to_env]
end