wardencommunity/warden

Help updating user resource

jperry opened this issue · 1 comments

jperry commented

Apologies if I should be adding this somewhere else (I wasn't able to find a google group) but I am having trouble finding how to update the user resource after being authenticated. I am using a remote authentication with something similar to this: http://4trabes.com/2012/10/31/remote-authentication-with-devise/ that doesn't use an ORM. In the remote_authentication method I am calling a remote service to authenticate and the response has an auth_token that I am storing int he User model that is a PORO. My code looks like this:

      def remote_authentication(authentication_hash)
        params = {
          'username' => authentication_hash[:email],
          'password' => authentication_hash[:password],
          'client_id' => 'special-client',
          'grant_type' => 'password'
        }
        result = AuthClient.get_oauth_token(params)
        return false unless result.success?
        response = JSON.parse(result.response)
        self.email = authentication_hash[:email]
        self.auth_token = response['access_token']
        self.refresh_token = response['refresh_token']
        self.expires_at = Time.now + response['expires_in']
        return self
      end

      module ClassMethods
        def serialize_from_session(data, salt)
          resource = self.new
          resource.email = data['email']
          resource.auth_token = data['auth_token']
          resource.refresh_token = data['refresh_token']
          resource.expires_at = data['expires_at']
          resource
        end

        def serialize_into_session(record)
          [
            {
              :email => record.email,
              :auth_token => record.auth_token,
              :refresh_token => record.refresh_token,
              :expires_at => record.expires_at
            },
            nil
          ]
        end

This stores the user object in the session which is good but in later requests I need to check if the auth token is expires and refresh it. I am doing this in my ApplicationController but I am having trouble updating the User resource and having it stored in the session data so all subsequent requests will use the new data that is pulled in by serialize_from_session. Any pointers on where I should update this data? I could keep storing it in session[:auth_token], etc but the User resource will always have old data which seems weird to me. Any suggestions on how to update the user resource? Thanks in advance.

hassox commented

I think the easiest thing to do here would be to call warden.set_user (or sign_in with devise). on each request. I think something like.

warden.user.refresh_things!
warden.set_user(warden.user)