扩展Devise以使用远程登录
我正在尝试关注这篇博客文章以允许使用设计进行远程身份validation,但我无法弄清楚一些事情。
我怎么称呼我的新文件,我在哪里放?
第一个, Devise::Models::RemoteAuthenticatable我假设我调用remote_authenticatable.rb并在我的模型文件夹中放入一个Devise::Models::RemoteAuthenticatable文件夹?
第二个文件,“设计的Warden策略”我不知道该怎么称呼,或者把它放在哪里。
有任何想法吗? 我发现教程很不完整。 它与Devise指令相关联,作为执行此操作的方式。
编辑:
我一直在做更多阅读,我不确定我是否需要按照博客文章中的说法去做。 我一直试图简单地将数据PUT到我的Rails应用程序,但无法获得任何工作。 执行PUT请求会导致设置松散身份validation。
我知道这个问题已有数年之久,但我也发现教程不完整,最近我花了几天时间尝试远程身份validation。 所以我会提供我的解决方案,以防将来帮助某人。 我使用的是Ruby 2.2.2和Rails 4.2.5.1。
首先,这个要点对我来说是一个非常有用的参考。
我还使用gem fakeweb来模拟API调用。
以下是我的文件的样子:
应用程序/模型/ user.rb
class User < include ActiveModel::Model # required because some before_validations are defined in devise include ActiveModel::Validations # required to define callbacks extend ActiveModel::Callbacks # taken from http://stackoverflow.com/questions/8936906/whats-the-correct-way-to-make-before-validation-etc-work-in-an-activemodel include ActiveModel::Validations::Callbacks extend Devise::Models # create getter and setter methods internally for the fields below attr_accessor :email, :auth_token #required by Devise define_model_callbacks :validation devise :remote_authenticatable, :timeoutable # Latest devise tries to initialize this class with values # ignore it for now def initialize(options={}) end end
LIB /模型/ remote_authenticatable.rb
require 'fakeweb' #used for mocking API calls module Devise module Models module RemoteAuthenticatable extend ActiveSupport::Concern # # Here you do the request to the external webservice # # If the authentication is successful you should return # a resource instance # # If the authentication fails you should return false # def remote_authentication(authentication_hash) FakeWeb.register_uri(:get, "http://localhost:3000/webservice/login.json", :body => "{ \"success\": \"true\", \"auth_token\": \"secure_token_123\", \"email\": \"bob@1123.com\"}") # Your logic to authenticate with the external webservice response = Net::HTTP.get(URI.parse("http://localhost:3000/webservice/login.json")) self.email = JSON.parse(response)["email"] self.auth_token = JSON.parse(response)["auth_token"] return self end module ClassMethods #################################### # Overriden methods from Devise::Models::Authenticatable #################################### # # This method is called from: # Warden::SessionSerializer in devise # # It takes as many params as elements had the array # returned in serialize_into_session # # Recreates a resource from session data # def serialize_from_session(data, salt) resource = self.new resource.email = data['email'] resource.auth_token = data['auth_token'] resource end # # Here you have to return and array with the data of your resource # that you want to serialize into the session # # You might want to include some authentication data # def serialize_into_session(record) [ { :email => record.email, :auth_token => record.auth_token }, nil ] end end end end end
配置/初始化/ remote_authenticatable.rb
module Devise module Strategies class RemoteAuthenticatable < Authenticatable # # For an example check : https://github.com/plataformatec/devise/blob/master/lib/devise/strategies/database_authenticatable.rb # # Method called by warden to authenticate a resource. # def authenticate! # # authentication_hash doesn't include the password # auth_params = authentication_hash auth_params[:password] = password # # mapping.to is a wrapper over the resource model # resource = mapping.to.new return fail! unless resource # remote_authentication method is defined in Devise::Models::RemoteAuthenticatable # # validate is a method defined in Devise::Strategies::Authenticatable. It takes #a block which must return a boolean value. # # If the block returns true the resource will be logged in # If the block returns false the authentication will fail! # # resource = resource.remote_authentication(auth_params) if validate(resource){ resource = resource.remote_authentication(auth_params) } success!(resource) end end end end end
配置/初始化/ devise.rb
Devise.setup do |config| # ... # ... # OTHER CONFIGURATION CODE HERE # ... # ... # ==> Warden configuration # If you want to use other strategies, that are not supported by Devise, or # change the failure app, you can configure them inside the config.warden block. # # config.warden do |manager| # manager.intercept_401 = false # manager.default_strategies(scope: :user).unshift :some_external_strategy # end # BEGIN code that was added to this file config.warden do |manager| manager.strategies.add(:remote_authenticatable, Devise::Strategies::RemoteAuthenticatable) manager.default_strategies(:scope => :user).unshift :remote_authenticatable end Devise.add_module :remote_authenticatable, :controller => :sessions, :route => { :session => :routes } # END code that was added to this file # ... # ... # OTHER CONFIGURATION CODE HERE # ... # ... end
配置/ application.rb中
# ... # ... # OTHER CODE HERE # ... # ... module RemoteAuth class Application < Rails::Application # ... # OTHER CODE HERE # ... # BEGIN code that was added to this file config.autoload_paths += Dir["#{config.root}/lib/**/"] config.autoload_paths += Dir["#{config.root}/app/models/**/"] # END code that was added to this file end end
这个要点向您展示了如何做到这一点。 还有一些额外的步骤,比如激活用户模型中的:token_authenticatable模块,以及config/devise.rb