I am using devise_token_auth in my rails app. I am looking to open up apis to my app using user specific tokens which would give them limited access to certain apis within my app. It should work similar to current public key and private key settings for integrating with apps like facebook, google, stripe etc. What should I be using? Is there any good documentation/ sample apps implementing this?
Asked
Active
Viewed 70 times
0
-
If you want to limit access, why don't you just do something like `before_action :authenticate' and run logic based on those keys, storing them in the database. – Thomas May 07 '20 at 03:27
1 Answers
0
You can create multiple device models, for example User, Admin, SuperUser etc...Then you can use:
before_action :authenticate_user, only: [:apiA, :apiB]
and
before_action :authenticate_admin, only: [:apiA, :apiB]
in the same controller for giving different access in each API action.
Serafeim Davranis
- 61
- 3