1

I'm looking to set up a rails-api app and would like to be able to be able to access the user throughout requests.

I've read that HTTP token authentication is pretty much the way to go here, passing the token in the header of each of my requests.

What's got me a bit stumped is how I'll fetch the user every request. Should I be writing middleware to set this up or is there a gem that already does this kind of lifecycle?

Improve this question

1 Answer 1

Reset to default
1

you can add a column to the users table and use this column as the token. then in your controllers, you can add the following code to get the user (assuming you use http_token as the column name)

authenticate_or_request_with_http_token do |token, options|
  @current_user = User.find_by_http_token(token)
end
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Is there any reason why I might want to do this at a lower level (rack) or try and get the user set up through a helper?
sorry i'm not sure what advantage you have by doing this in a middleware. you should set this up in your application controller.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.