Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
4024aa8e
Commit
4024aa8e
authored
Jul 09, 2014
by
Marin Jankovski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Try to keep token authenticable compatibility
parent
34cfd84e
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
48 additions
and
5 deletions
+48
-5
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+15
-0
app/models/concerns/token_authenticatable.rb
app/models/concerns/token_authenticatable.rb
+31
-0
app/models/user.rb
app/models/user.rb
+2
-1
config/initializers/devise.rb
config/initializers/devise.rb
+0
-4
No files found.
app/controllers/application_controller.rb
View file @
4024aa8e
require
'gon'
class
ApplicationController
<
ActionController
::
Base
before_filter
:authenticate_user_from_token!
before_filter
:authenticate_user!
before_filter
:reject_blocked!
before_filter
:check_password_expiration
...
...
@@ -28,6 +29,20 @@ class ApplicationController < ActionController::Base
protected
# From https://github.com/plataformatec/devise/wiki/How-To:-Simple-Token-Authentication-Example
def
authenticate_user_from_token!
user_token
=
params
[
:user_token
].
presence
user
=
user_token
&&
User
.
find_by_authentication_token
(
user_token
.
to_s
)
if
user
# Notice we are passing store false, so the user is not
# actually stored in the session and a token is needed
# for every request. If you want the token to work as a
# sign in token, you can simply remove store: false.
sign_in
user
,
store:
false
end
end
def
log_exception
(
exception
)
application_trace
=
ActionDispatch
::
ExceptionWrapper
.
new
(
env
,
exception
).
application_trace
application_trace
.
map!
{
|
t
|
"
#{
t
}
\n
"
}
...
...
app/models/concerns/token_authenticatable.rb
0 → 100644
View file @
4024aa8e
module
TokenAuthenticatable
extend
ActiveSupport
::
Concern
module
ClassMethods
def
find_by_authentication_token
(
authentication_token
=
nil
)
if
authentication_token
where
(
authentication_token:
authentication_token
).
first
end
end
end
def
ensure_authentication_token
if
authentication_token
.
blank?
self
.
authentication_token
=
generate_authentication_token
end
end
def
reset_authentication_token!
self
.
authentication_token
=
generate_authentication_token
save
end
private
def
generate_authentication_token
loop
do
token
=
Devise
.
friendly_token
break
token
unless
self
.
class
.
unscoped
.
where
(
authentication_token:
token
).
first
end
end
end
app/models/user.rb
View file @
4024aa8e
...
...
@@ -52,6 +52,7 @@ require 'file_size_validator'
class
User
<
ActiveRecord
::
Base
include
Gitlab
::
ConfigHelper
extend
Gitlab
::
ConfigHelper
include
TokenAuthenticatable
default_value_for
:admin
,
false
default_value_for
:can_create_group
,
gitlab_config
.
default_can_create_group
...
...
@@ -60,7 +61,7 @@ class User < ActiveRecord::Base
default_value_for
:projects_limit
,
gitlab_config
.
default_projects_limit
default_value_for
:theme_id
,
gitlab_config
.
default_theme
devise
:database_authenticatable
,
:
token_authenticatable
,
:
lockable
,
:async
,
devise
:database_authenticatable
,
:lockable
,
:async
,
:recoverable
,
:rememberable
,
:trackable
,
:validatable
,
:omniauthable
,
:confirmable
,
:registerable
attr_accessor
:force_random_password
...
...
config/initializers/devise.rb
View file @
4024aa8e
...
...
@@ -155,10 +155,6 @@ Devise.setup do |config|
# REST_AUTH_SITE_KEY to pepper)
# config.encryptor = :sha512
# ==> Configuration for :token_authenticatable
# Defines name of the authentication token params key
config
.
token_authentication_key
=
:private_token
# Authentication through token does not store user in session and needs
# to be supplied on each request. Useful if you are using the token as API token.
config
.
skip_session_storage
<<
:token_auth
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment