[英]devise_token_auth how to identify a user by token
我是第一次使用gem devise_token_auth
並使用移動客戶端api,這是兩個問題:
1)我應該如何識別用戶? 我目前的理解是在http請求標頭集access_token上對嗎?
但是從源代碼看來,我應該提供uid , access_token , 客戶端 鏈接 uid = request.headers['did'] @token = request.headers['access-token'] @client_id = request.headers['client']
2)我可以找到一個user.tokens如下:
{"AOYZdDmwI7WQr8I6T4PpPw"=>{"token"=>"$2a$10$C/5f3JV7.9DZG8w.ggdCPelB6kzitWuGK4rfozHv15Hhf/x9DaCcO", "expiry"=>1473485374, "last_token"=>"$2a$10$abctsIP5bHPIm2nMXFTUH.1jPWQ5LiGTTrENjoqihWgcCkwRqbxb6", "updated_at"=>"2016-08-27T13:29:34.948+08:00"}}
哪個是client
,哪個是訪問令牌 ?
謝謝!
headers = JSON.parse(cookies['authHeaders']) uid = headers['uid'] token = headers['access-token'] client_id = headers['client'] user = User.find_by_uid(uid) if !user || !user.valid_token?(token, client_id) render json: {error: "Usuario no autorizado."}, status: 401 end
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.