Home/ Questions/Q 6623761
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T21:34:14+00:00

I need to use token based authentication in a Rails 3.1 API in conjunction

  • 0

I need to use token based authentication in a Rails 3.1 API in conjunction with the most recent version of devise. No problem so far.

Now I do not want to append my :auth_token to the POST/PUT parameters on client side but send this token as a request header like HTTP_X_MYAPP_AUTH_TOKEN”.

Can I convince devise from using that rather than a token from parameters? Is it possible to implement both, so that my API users can send the token via request header OR POST/PUT parameter?

Regards. Felix

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I had the same need and came up with this solution:

    class YourController < ApplicationController
  prepend_before_filter :get_api_key
  before_filter :authenticate_user!

  private
  def get_api_key
    if api_key = params[:api_key].blank? && request.headers["X-API-KEY"]
      params[:api_key] = api_key
    end
  end
end

    Note I have my devise Devise.token_authentication_key set to api_key.

    config.token_authentication_key = :api_key
    • 0