mytrile/custom_auth_failure.rb Secret

## custom_auth_failure.rb
class CustomAuthenticationFailure < Devise::FailureApp
  protected

  def redirect_url
    "/"
  end
end

## devise.rb
# ...
config.warden do |manager|
   manager[:default_strategies][:user].unshift :token_cookie_strategy
end

config.warden do |manager|
  manager.failure_app = CustomAuthenticationFailure
end
# ...

## token_cookie_auth_strategy.rb
Warden::Strategies.add(:token_cookie_strategy) do
  def valid?
    token_from_cookie
  end

  def authenticate!
    binding.pry
    if token_from_cookie.present? && (user = User.find_for_token_authentication(:auth_token => token_from_cookie)).present?
      delete_token_from_cookie
      success!(user)
    else
      fail!("Could not log in")
    end
  end

  def token_from_cookie
    cookies[:authentication_token]
  end

  def delete_token_from_cookie
    cookies.delete(:authentication_token)
  end

end

## users_controller_spec.rb
require 'spec_helper'

describe UsersController do
  before :each do
    @user = FactoryGirl.create(:user)
  end

  describe "User can log in using a token in a signed cookie" do
    it "logs in with token in cookie" do
      @user.ensure_authentication_token!
      cookies[:authentication_token] = @user.authentication_token
      get :personal
      response.should render_template("personal")
      # THE RESPONSE IS REDIRECT
    end
  end
end
	class CustomAuthenticationFailure < Devise::FailureApp
	protected

	def redirect_url
	"/"
	end
	end
	# ...
	config.warden do \|manager\|
	manager[:default_strategies][:user].unshift :token_cookie_strategy
	end

	config.warden do \|manager\|
	manager.failure_app = CustomAuthenticationFailure
	end
	# ...
	Warden::Strategies.add(:token_cookie_strategy) do
	def valid?
	token_from_cookie
	end

	def authenticate!
	binding.pry
	if token_from_cookie.present? && (user = User.find_for_token_authentication(:auth_token => token_from_cookie)).present?
	delete_token_from_cookie
	success!(user)
	else
	fail!("Could not log in")
	end
	end

	def token_from_cookie
	cookies[:authentication_token]
	end

	def delete_token_from_cookie
	cookies.delete(:authentication_token)
	end

	end
	require 'spec_helper'

	describe UsersController do
	before :each do
	@user = FactoryGirl.create(:user)
	end

	describe "User can log in using a token in a signed cookie" do
	it "logs in with token in cookie" do
	@user.ensure_authentication_token!
	cookies[:authentication_token] = @user.authentication_token
	get :personal
	response.should render_template("personal")
	# THE RESPONSE IS REDIRECT
	end
	end
	end