search

neelbhat88 / imuadev

2 stars 0 forks source link

Token Based Authentication #825

Closed neelbhat88 closed 9 years ago

neelbhat88 commented 9 years ago

@Jakeah and @ttapers - Just an FYI - any new controllers that we create no longer need the before_filter :authenticate_user! and the skip_before_filter. You'll see what I mean in my changes. ApplicationController now has a before_filter to authenticate_token so all of our controllers will automatically do that unless we dont want them to (sessions controller is one example)

neelbhat88 commented 9 years ago

Let me know if this looks good so I can merge this in today. I want to let this sit in staging for a few days and have the mobile guys point the apps to staging so we can make sure all the authentication works as expected

neelbhat88 commented 9 years ago

@Jakeah @ttapers, yay? nay?

Jakeah commented 9 years ago

I've been on the road sorry

On Thursday, April 16, 2015, neelbhat88 notifications@github.com wrote:

@Jakeah https://github.com/Jakeah @ttapers https://github.com/ttapers, yay? nay?

— Reply to this email directly or view it on GitHub https://github.com/neelbhat88/imuadev/pull/825#issuecomment-93846070.

neelbhat88 commented 9 years ago

Oh yeah forgot about that, np man. I'm going to merge it. @ttapers take a look when you get a chance - you guys will see the controller changes that we no longer need in any new controllers and let me know if you guys see something that needs to be changed.

neelbhat88 commented 9 years ago

Yeah I thought about both and was in the same boat with not really seeing a definitive answer to go one way or the other. I talked to some people at Adrian's work and they've used localStorage for storing tokens on various projects so I just went with that. But yeah switching to cookieStorage is easy and we can do that if we find out cookie is better than localstorage.

ttapers commented 9 years ago

Nothing show-stopper in my questions, we can maybe even test the cookie thing on staging. Merge away!

neelbhat88 commented 9 years ago

Cool thanks! And yeah I can try clearing cache and cookies and seeing if localStorage gets cleared. And oh I also remember why I went with localStorage - its because we need to use localStorage for the mobile app because cookies aren't supported or require extra effort for mobile. BUT Adrian will use localStorage in the mobile code, we can use cookies or local storage in the web app. So maybe it is better for us to use cookie storage in that case. Ill make the change if localStorage doesn't get cleared when the browser's cookies and cache are cleared.