Devise and Stateless tokens in Rails

2019-04-01 14:53发布

问题:

I got an API that I have developed using Rails 3 and Devise. I am using tokens (token_authenticatable) for authentication for requests made to the API from a client. I want to be able to switch between users in the requests just be replacing the token.

I heard about a setting called :stateless_token (boolean) but I cannot figure out where to put this setting. Is there another way?

If found the token_authenticatable here:

https://github.com/plataformatec/devise/blob/master/lib/devise/strategies/token_authenticatable.rb

If found info about the stateless_token here:

http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable

回答1:

stateless_token is deprecated as of now. This is the new form (it allows more auth strategies to be stateless):

# config/initializers/devise.rb
config.skip_session_storage = [:token_auth]


回答2:

You can also edit the file /config/initializers/devise.rb and put (or uncomment, if already there) the following line:

config.stateless_token = true


回答3:

It should be an option in your devise_for line in the routes file.

devise_for :users, :stateless_token => true

Let me know if that works, In this page of documentation for devise it says that "TokenAuthenticatable adds the following options to devise_for:" with stateless token being one of them.

Also here is a link to the devise_for documentation