1
Staff need help implementing authentication by token, I already created the models, the application is working properly, now I need to improve security.
The customer will send me registration and a password, she will come in JSON, has a method that makes a select in the database to check if registration and password are true, I would like to generate a token once a day as soon as registration and password are confirmed. This token will return together with the ID to the device , via JSON, and in the next operations all will be validated with this token.
This is my consultation model
class Student < ApplicationRecord
has_many :simulated
has_many :proof
#Metodo que recebe matricula e senha para validar acesso
def sqlValidatedLogin(registration,password)
query_student = "SELECT id, name, token registration FROM students WHERE registration = "+
registration+" AND password = "+password
ActiveRecord::Base.connection.execute(query_student)
end
end
# method in the controller
def index
student = Student.new
return_dados = student.sqlValidatedLogin(params[:registration].to_s,params[:password].to_s)
render :json => return_dados
end
Access to return data
http://127.0.0.1:3000/Students? Registration=102030&password=%27123%27
I’m wondering how to implement in the other classes, I read the documentation however, I didn’t understand token authentication, someone would have an example configuration with comments, or could help me implement this ?
I used this tutorial to implement a project and it served me very well http://tutorials.pluralsight.com/ruby-ruby-on-rails/token-based-authentication-with-ruby-on-rails-5-api he doesn’t use Devise, things are more manual, but with a substantial efficiency.
– Ben-Hur Batista