class Devise::Strategies::TokenAuthenticatable
a password, you can pass “X” as password and it will simply be ignored.
For HTTP, you can pass the token as username and blank password. Since some clients may require
and http. For the former, all you need to do is to pass the params in the URL:
Strategy for signing in a user, based on a authenticatable token. This works for both params
def authenticate!
def authenticate! resource = mapping.to.find_for_token_authentication(authentication_hash) return fail(:invalid_token) unless resource if validate(resource) resource.after_token_authentication success!(resource) end end
def authentication_keys
def authentication_keys @authentication_keys ||= [mapping.to.token_authentication_key] end
def params_auth_hash
def params_auth_hash if params[scope].kind_of?(Hash) && params[scope].has_key?(authentication_keys.first) params[scope] else params end end
def remember_me?
def remember_me? false end
def store?
def store? super && !mapping.to.skip_session_storage.include?(:token_auth) end
def valid_params_request?
def valid_params_request? true end