How To: Simple Token Authentication Example

Jump to bottom Edit New page

Gal Schlezinger edited this page Jul 12, 2020 · 24 revisions

The TokenAuthenticatable strategy has been removed from Devise because it's vulnerable to timing attacks. As a consequence, the examples in this page are out of date.

See this gist by José Valim and some popular alternatives below.

Examples

Note: these examples are out of date.

Here is a blog post with some quick code snippets and a link to a quick example app on github. https://web.archive.org/web/20120712095509/http://zyphdesignco.com/blog/simple-auth-token-example-with-devise

~~And here is another blog post with a detailed example: http://matteomelani.wordpress.com/2011/10/17/authentication-for-mobile-devices/~~

Alternatives

Devise::JWT - the only one with multiple token revocation strategies - allowlist, denylist, none (just let it expire) and so forth
Devise Token Auth
Simple Token Authentication
Tiddle
Devise::TokenAuthenticatable
Devise Token Authenticatable
Make sure to read this gist by José Valim if you want to implement token authentication yourself.

Getting Started

MIT License. Copyright 2009-2020 Plataformatec. http://plataformatec.com.br