rack-devise_cookie_auth
Advanced tools
Rack::DeviseCookieAuth allows to log-in from a Devise remember-me token stored in a cookie.
It depends on Active::Support >= 2.3.2 and is tested against Ruby 1.9.2, 1.9.3, ruby-head and the latest versions of Rubinius & JRuby.
Add this line to your application's Gemfile (probably in the :production group only):
gem 'rack-devise_cookie_auth'
And then execute:
$ bundle
If you don't use Bundler, be sure to require Rack::DeviseCookieAuth manually before actually using the middleware:
require 'rack/devise_cookie_auth'
use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
To use Rack::DeviseCookieAuth in your Rails application, add the following line to your application config file (config/application.rb or config/environments/production.rb) for Rails 3, config/environment.rb for Rails 2):
config.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
# or if you're using Rack::Cache, be sure to insert Rack::DeviseCookieAuth before
config.middleware.insert_before Rack::Cache, Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
Please note that the :secret option is mandatory and can normally be found in the 'config/initializers/secret_token.rb' file of your Rails app.
By default, the middleware will look for the user resource cookie named "remember_user_token" but if want to use authenticate againts another resource name you can set it with the :resource option:
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', resource: 'admin'
By default, the middleware will redirect to the root path of the current domain but you can customize the redirection path with the :redirect_to option:
# It can be a path...
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: '/login'
# ... or a full URL
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: 'https://yourdomain.com/login'
Pull requests are very welcome! Please try to follow these simple rules if applicable:
https://github.com/jilion/rack-devise_cookie_auth/graphs/contributors
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
As vulnerability data bottlenecks grow, the federal government is formally investigating NIST’s handling of the National Vulnerability Database.
Research
Security News
Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.
Security News
TypeScript Native Previews offers a 10x faster Go-based compiler, now available on npm for public testing with early editor and language support.