Access Code Authentication with Rails 3 Development

Question

Access Code Authentication with Rails 3 Development

I am working on a rails project, and I have been encouraged to use Devise for my authentication and user session management.

I have two types of users who need user / password authentication and another type of user that I only need to authenticate with "access_code". These are different models without inheritance.

What would be the best way to do this in Devise? Is there a way for all of these different types of authentication to work side by side?

I looked at the ability to log in using a username or email address, but how can I do this using only one field? No password is used.

+3

authentication ruby-on-rails ruby-on-rails-3 devise

Peter Hamilton Jun 11 '11 at 10:54

source share

1 answer

Matheus moreira · Accepted Answer · 2011-06-11T23:45:12+0000

Use a Token authentication module without a database. There's an example on a wiki.

These tokens, unlike those that you find in letters with password recovery, for example, are permanent and are stored in the database. They behave by default as service API keys, which means that they do not hold the user in a session and must be provided for every request.

So that they truly subscribe users to:

# If true, authentication through token does not store user in session and needs
# to be supplied on each request. Useful if you are using the token as API token.
config.stateless_token = false

Access Code Authentication with Rails 3 Development

More articles: