33 lines
772 B
Ruby
33 lines
772 B
Ruby
module TokenVerification
|
|
extend ActiveSupport::Concern
|
|
include ActionController::HttpAuthentication::Token::ControllerMethods
|
|
|
|
included do
|
|
before_action :authenticate
|
|
end
|
|
|
|
|
|
protected
|
|
# Authenticate the user with token based authentication
|
|
def authenticate
|
|
authenticate_token || render_unauthorized
|
|
end
|
|
|
|
def authenticate_token
|
|
authenticate_with_http_token do |token, options|
|
|
#@current_user = User.find_by(api_key: token)
|
|
@user = Employee.authenticate_token(token)
|
|
if @user
|
|
#Maybe log - login?
|
|
end
|
|
|
|
end
|
|
end
|
|
|
|
def render_unauthorized(realm = "Application")
|
|
self.headers["WWW-Authenticate"] = %(Token realm="#{realm.gsub(/"/, "")}")
|
|
render json: 'Bad credentials', status: :unauthorized
|
|
end
|
|
|
|
end
|