-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC: Move api authentication into Devise Strategy #3131
Comments
@skukx I think this is a good idea, but what about stores that are not using Devise (if any)? |
I've thought about that as well and don't really have a definitive answer for it. If we moved the api authentication to One possible choice, (if this was something wanted), is to pull in Another option is that we create an adapter around authentication, however I don't think that'd be worth the work since I would assume most stores are using devise for their authentication. TLDR |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Is your feature request related to a problem? Please describe.
Currently the api authentication has no ties to Devise and is self implemented. This is great but devise provides some plugins like
lockable
,confirmable
etc. By Implementing the auth logic in a Devise strategy we can piggy back off devise.Describe the solution you'd like
Create a devise strategy which inherits from
Devise::Strategies::Base
The key is
valid_for_authentication?
method. If the user is locked out, then they will also be locked out from using the api.The text was updated successfully, but these errors were encountered: