lerebear edited this page Feb 14, 2016 · 8 revisions

Configuration

GrapeTokenAuth provides many options to configure your authentication scheme. Generally, you will want to configure GrapeTokenAuth before the Grape APIs that use token authentication are mounted. At a minimum, the mappings must be set up in the configuration and a secret must be set. These options can be set via a block like so:

GrapeTokenAuth.configure do |config|
  # scope name => model class
  config.mappings = { user: User }
  # random hex string used to salt key generation (generate your own)
  config.secret = '1ddf793cb39f59ee4720b9b0cb513cb0d3ea2fecd312bd7251c77e15351356dc230b0cf0d364be8a6df8143767459717101640a5c5f1794cbfbd166347b9aa49'
end

Note on Secret: generate a unique secret using `rake secret` in a Rails app or via these directions.

Refer to the table below for configuration options:

Configuration Key | Description | Default
token_lifespan | time span that GTA tokens are valid for | two weeks
batch_request_buffer_throttle | timeframe in which subsequent requests are considered "batch" requests | five seconds
change_headers_on_each_request | whether new auth headers / tokens are created on each request | true
mappings | scope to class mappings | an empty hash
redirect_whitelist | array of urls that are allowed to be redirected to after authentication requests | nil
param_white_list | hash where the key is the scope and the value is an array of attributes that are permitted to be set on a resource | nil
authentication_keys | array of attributes that can be used to find a resource | [:email]
omniauth_prefix | url prefix where omniauth and related callbacks are mounted; this becomes the OmniAuth::config.path_prefix | '/omniauth'
ignore_default_serialization_blacklist | when set to true, the default serialization blacklist is not applied; only use this when you need to serialize an attribute that is in the default list | false
additional_serialization_blacklist | list of attributes that should be ignored when serializing an object | an empty Array
from_address | the "from" email for authentication emails | nil
default_url_options | url hash for creating urls in auth emails, see HTTP | an empty hash
mailer | Mailer class used to send emails | SMTPMailer
default_password_reset_url | default redirect url if not provided in password reset params | nil
smtp_configuration | SMTP configuration hash for the SMTP mailer, see SMTP | an empty hash
secret | random hex string used to salt key generation | nil
digest | default digest method, see HMAC | SHA256
messages | message classes that are used to create emails, see DEFAULT_MESSAGES | GrapeTokenAuth::Mail::DEFAULT_MESSAGES

Param/Attribute white listing

During resource creation/updating it is possible to allow other attributes on the model to be set. To do this, set param_white_list on the configuration object. The value should be a hash where the key is the scope of the resource and the value is an array of attributes that can be set. For example:

GrapeTokenAuth.configure do |config|
  # scope => attributes that may be set on that scope's resource
  config.param_white_list = { user: [:favorite_color] }
end

This would allow the favorite_color attribute of the user scope to be set during registration.

Serialization and serialization blacklist

There are several columns that reasonably should not be included when the resource object is serialized. GrapeTokenAuth defaults to excluding these columns:

  • encrypted_password
  • reset_password_token
  • reset_password_sent_at
  • remember_created_at
  • sign_in_count
  • current_sign_in_at
  • last_sign_in_at
  • current_sign_in_ip
  • last_sign_in_ip
  • password_salt
  • confirmation_token
  • confirmed_at
  • confirmation_sent_at
  • remember_token
  • unconfirmed_email
  • failed_attempts
  • unlock_token
  • locked_at
  • tokens

If you would like to exclude additional columns, set additional_serialization_blacklist on the configuration object. The value should be an array of columns not to be serialized. If you would like to drop the default blacklist entirely, set the ignore_default_serialization_blacklist config value to true. At that point you define your own blacklist using additional_serialization_blacklist, and any sensitive column you do not list there will be serialized. For example:

GrapeTokenAuth.configure do |config|
  config.additional_serialization_blacklist = [:favorite_color]
end

This would exclude all of the default columns and the favorite_color column.

GrapeTokenAuth.configure do |config|
  # drop the default blacklist; only the columns listed below are excluded
  config.ignore_default_serialization_blacklist = true
  config.additional_serialization_blacklist = [:tokens, :favorite_color]
end

The above would exclude only the tokens and favorite_color columns during serialization.
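To make the blacklist rules concrete, the following is an added illustrative Ruby model of how the default list, additional_serialization_blacklist and ignore_default_serialization_blacklist combine; it is not the gem's own code, and Config, effective_blacklist, serialize and exposed_default_columns are hypothetical names. It reproduces the two configurations above and shows that the second one, which ignores the default list and re-adds only tokens, leaves encrypted_password and the other default-protected columns in the serialized output.

```ruby
# Illustrative model of the serialization blacklist rules described above.
# Hypothetical code; not GrapeTokenAuth's implementation.
require 'set'

# The default blacklist listed on this page.
DEFAULT_SERIALIZATION_BLACKLIST = %i[
  encrypted_password reset_password_token reset_password_sent_at
  remember_created_at sign_in_count current_sign_in_at last_sign_in_at
  current_sign_in_ip last_sign_in_ip password_salt confirmation_token
  confirmed_at confirmation_sent_at remember_token unconfirmed_email
  failed_attempts unlock_token locked_at tokens
].freeze

# Minimal stand-in for the configuration object (hypothetical).
Config = Struct.new(:ignore_default_serialization_blacklist,
                    :additional_serialization_blacklist)

# Set of attribute names that will be dropped under a given config.
def effective_blacklist(config)
  base = config.ignore_default_serialization_blacklist ? [] : DEFAULT_SERIALIZATION_BLACKLIST
  (base + Array(config.additional_serialization_blacklist)).map(&:to_sym).to_set
end

# Serialize a resource's attribute hash, removing blacklisted keys.
def serialize(attributes, config)
  drop = effective_blacklist(config)
  attributes.reject { |key, _| drop.include?(key.to_sym) }
end

# Audit helper: default-protected columns that a config would expose.
def exposed_default_columns(config)
  DEFAULT_SERIALIZATION_BLACKLIST - effective_blacklist(config).to_a
end

# Constructed sample resource (not real data).
SAMPLE_USER = {
  id: 1, email: 'alice@example.com', favorite_color: 'teal',
  encrypted_password: '$2a$12$constructedhash', tokens: { 'abc' => {} }
}.freeze

if __FILE__ == $PROGRAM_NAME
  default_plus = Config.new(false, [:favorite_color])   # first example above
  puts serialize(SAMPLE_USER, default_plus).inspect      # id and email only
  custom_only = Config.new(true, [:tokens, :favorite_color]) # second example
  puts serialize(SAMPLE_USER, custom_only).inspect       # encrypted_password leaks
  puts "exposed: #{exposed_default_columns(custom_only).inspect}"
end
```

The exposed_default_columns check is the one worth running whenever ignore_default_serialization_blacklist is true: it lists every column from the default list that your own blacklist no longer covers.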