buncis buncis

## authentication_with_bcrypt_in_rails_4.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                buncis
                / authentication_with_bcrypt_in_rails_4.md
            
            
              Created
              December 15, 2021 17:30
                — forked from thebucknerlife/authentication_with_bcrypt_in_rails_4.md
            
              
                Simple Authentication in Rail 4 Using Bcrypt
              
          
    #Simple Authentication with Bcrypt
This tutorial is for adding authentication to a vanilla Ruby on Rails app using Bcrypt and has_secure_password.
The steps below are based on Ryan Bates's approach from 
Railscast #250 Authentication from Scratch (revised).
You can see the final source code here: repo. I began with a stock rails app using rails new gif_vault
##Steps

  
## verify_and_decrypt_session_cookie60beta1.rb
require 'cgi'
require 'active_support'

def verify_and_decrypt_session_cookie(cookie, secret_key_base = Rails.application.secret_key_base)
  config = Rails.application.config
  cookie = CGI::unescape(cookie)
  salt   = config.action_dispatch.authenticated_encrypted_cookie_salt
  encrypted_cookie_cipher = config.action_dispatch.encrypted_cookie_cipher || 'aes-256-gcm'
  # serializer = ActiveSupport::MessageEncryptor::NullSerializer # use this line if you don't know your serializer
  serializer = ActionDispatch::Cookies::JsonSerializer

## api_controller.rb
class ApiController < ApplicationController
  # define which model will act as token authenticatable
  acts_as_token_authentication_handler_for Login

  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :null_session

  respond_to :json
  skip_before_filter :verify_authenticity_token, if: :json_request?

## colab_download.py
files.download('example.txt')  # from colab to browser download
	require 'cgi'
	require 'active_support'

	def verify_and_decrypt_session_cookie(cookie, secret_key_base = Rails.application.secret_key_base)
	config = Rails.application.config
	cookie = CGI::unescape(cookie)
	salt = config.action_dispatch.authenticated_encrypted_cookie_salt
	encrypted_cookie_cipher = config.action_dispatch.encrypted_cookie_cipher \|\| 'aes-256-gcm'
	# serializer = ActiveSupport::MessageEncryptor::NullSerializer # use this line if you don't know your serializer
	serializer = ActionDispatch::Cookies::JsonSerializer
	class ApiController < ApplicationController
	# define which model will act as token authenticatable
	acts_as_token_authentication_handler_for Login

	# Prevent CSRF attacks by raising an exception.
	# For APIs, you may want to use :null_session instead.
	protect_from_forgery with: :null_session

	respond_to :json
	skip_before_filter :verify_authenticity_token, if: :json_request?