Add user API token

2018-06-20 18:51:17 +02:00 · 2018-06-20 18:51:17 +02:00 · 1581a38026
commit 1581a38026
parent 049b7bc3e4
5 changed files with 27 additions and 3 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -11,7 +11,7 @@ class ApplicationController < ActionController::Base
  end

  def authenticate_user_or_client!
-    current_user || current_client || redirect_to(root_path, flash: { notice: "You have been redirected." })
+    current_user || current_client || user_token || redirect_to(root_path, flash: { notice: "You have been redirected." })
  end

  def current_client
@ -23,7 +23,13 @@ class ApplicationController < ActionController::Base
  def current_ability
    @current_ability ||=
      current_client.try { |c| ClientAbility.new(c) } ||
-      UserAbility.new(current_user)
+      UserAbility.new(current_user || user_token)
+  end
+
+  def user_token
+    @user_token ||= authenticate_with_http_token do |token, options|
+      User.find_by key: token
+    end
  end

  def after_sign_in_path_for(resource)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -50,4 +50,7 @@ class User < ActiveRecord::Base
    @@zeus ||= find_or_create_by name: 'Zeus'
  end

+  def generate_key
+    self.key = SecureRandom.base64(16) unless self.key
+  end
 end
--- a/app/views/users/show.html.haml
+++ b/app/views/users/show.html.haml
@ -65,3 +65,7 @@
      %th Message
  %tbody
 %h3="Zeus account number: BE32 9799 9370 6502"
+="API token: #{@user.key}"
+%br
+Example: 
+%code="curl -H \"Accept: application/json\" -H \"Authorization: Token token=#{@user.key}\" #{user_url(@user)}"
--- a/db/migrate/20180620161021_add_token_to_user.rb
+++ b/db/migrate/20180620161021_add_token_to_user.rb
@ -0,0 +1,10 @@
+class AddTokenToUser < ActiveRecord::Migration[5.2]
+  def change
+    add_column :users, :key, :string
+
+    User.all.each do |user|
+      user.generate_key
+      user.save
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema.define(version: 2017_01_23_151219) do
+ActiveRecord::Schema.define(version: 2018_06_20_161021) do

  create_table "clients", force: :cascade do |t|
    t.string "name", null: false
@ -86,6 +86,7 @@ ActiveRecord::Schema.define(version: 2017_01_23_151219) do
    t.boolean "penning", default: false, null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
+    t.string "key"
    t.index ["balance"], name: "index_users_on_balance"
    t.index ["name"], name: "index_users_on_name"
  end