Merge pull request #40 from azul/feature/token-auth

Token auth with a database of it's own
author: jessib <jessib@riseup.net> 2013-04-25 10:03:20 -0700
committer: jessib <jessib@riseup.net> 2013-04-25 10:03:20 -0700
commit: 15d48c24e529e2f944b026749c5eb35eb4c5cfa7 (patch)
tree: 071ec86c0fbd85cce8cef0a417423ee8e99c39f0 /users/app
parent: 4927abe188c7615fe6844ae0e20144b116a52a99 (diff)
parent: 53e3198196033f2dd77c09be6919cbef72f3f5d8 (diff)
2 files changed, 19 insertions, 1 deletions
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index 9365d76..e3459d6 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -23,6 +23,7 @@ module V1
 
     def update
       authenticate!
+      @token = Token.create(:user_id => current_user.id)
       render :json => login_response
     end
 
@@ -35,7 +36,7 @@ module V1
 
     def login_response
       handshake = session.delete(:handshake)
-      handshake.to_hash.merge(:id => current_user.id)
+      handshake.to_hash.merge(:id => current_user.id, :token => @token.id)
     end
 
   end
diff --git a/users/app/models/token.rb b/users/app/models/token.rb
new file mode 100644
index 0000000..44a6dfe
--- /dev/null
+++ b/users/app/models/token.rb
@@ -0,0 +1,17 @@
+class Token < CouchRest::Model::Base
+
+  use_database :tokens
+
+  property :user_id, String, accessible: false
+
+  validates :user_id, presence: true
+
+  def initialize(*args)
+    super
+    self.id = SecureRandom.urlsafe_base64(32)
+  end
+
+  design do
+  end
+end
+
author	jessib <jessib@riseup.net>	2013-04-25 10:03:20 -0700
committer	jessib <jessib@riseup.net>	2013-04-25 10:03:20 -0700
commit	15d48c24e529e2f944b026749c5eb35eb4c5cfa7 (patch)
tree	071ec86c0fbd85cce8cef0a417423ee8e99c39f0 /users/app
parent	4927abe188c7615fe6844ae0e20144b116a52a99 (diff)
parent	53e3198196033f2dd77c09be6919cbef72f3f5d8 (diff)