Simple, multi-client and secure token-based authentication for Rails.
If you're building SPA or a mobile app, and you want authentication, you need tokens, not cookies. This gem refreshes the tokens on each request, and expires them in a short time, so the app is secure. Also, it maintains a session for each client/device, so you can have as many sessions as you want.
- Seamless integration with:
- ng-token-auth for AngularJS
- Angular-Token for Angular
- redux-token-auth for React with Redux
- jToker for jQuery
- vanilla-token-auth for an unopinionated client
- Oauth2 authentication using OmniAuth.
- Email authentication using Devise, including:
- User registration, update and deletion
- Login and logout
- Password reset, account confirmation
- Support for multiple user models.
- It is secure.
This project leverages the following gems:
Add the following to your Gemfile
:
gem 'devise_token_auth'
Then install the gem using bundle:
bundle install
Please use StackOverflow for help requests and how-to questions.
Please open GitHub issues for bugs and enhancements only, not general help requests. Please search previous issues (and Google and StackOverflow) before creating a new issue.
Please read the issue template before posting issues.
See our Contribution Guidelines. Feel free to submit pull requests, review pull requests, or review open issues. If you'd like to get in contact, Zach Feldman has been wrangling this effort, you can reach him with his name @gmail. Further discussion of this in this issue.
We have some bounties for some issues, check them out!
Here is a demo of this app running with the ng-token-auth module and AngularJS.
Here is a demo of this app running with the Angular-Token service and Angular.
Here is a demo of this app using the jToker plugin and React.
The fully configured api used in these demos can be found here.
Thank you to all our backers! 🙏 [Become a backer]
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
This project uses the WTFPL