Stack Overflow
Stack Overflow

Questions tagged [http-token-authentication]

146 questions
7
votes
2 answers

Token based authentication using Play 2 Framework

I'm buiding an application using Play Framework 2, in Scala. It will be purely RESTful, with calls being made at the moment from a Javascript single page application. What would be the best way to integrate token-based authentication? There are…
Artur Soler
  • 2,974
  • 2
  • 23
  • 24
6
votes
1 answer

devise_token_auth & Rails 5 - IndexError: string not matched

I'm trying to sign in an existing user using devise_token_auth version 0.1.38, but I'm hitting an IndexError: string not matched in the library's sessions_controller. IndexError (string not matched): devise_token_auth (0.1.38)…
Jack Collins
  • 1,145
  • 10
  • 21
6
votes
3 answers

Unit Testing Django Rest Framework Authentication at Runtime

I basically want to turn TokenAuthentication on but only for 2 unit tests. The only option I've seen so far is to use @override_settings(...) to replace the REST_FRAMEWORK settings value. REST_FRAMEWORK_OVERRIDE={ 'PAGINATE_BY': 20, …
Rob Carpenter
  • 602
  • 7
  • 16
6
votes
2 answers

Using Refesh Token in Token-based Authentication is secured?

I am building a token based authentication (Node.js using passport/JWT with an angular client). After the user enter his credentials he gets an access token, which he sends in every request inside the header (header: bearer TOKEN). I don't want to…
Aviran Cohen
  • 5,581
  • 4
  • 48
  • 75
5
votes
3 answers

Token Authentication Not Working on Django Rest Framework

I have a Django application, which I am using DRF for my API with Session, and Token authentication. I have rest_framework, and rest_framework.authtoken in my installed apps. I have migrated my database and can create tokens for users in the Django…
TJB
  • 3,706
  • 9
  • 51
  • 102
5
votes
1 answer

Triggering a large file download from a fully-formed response

The Problem I have a Node.js end-point that properly triggers an arbitrarily-large file download when accessed using the following: response.setHeader('Content-disposition', 'attachment; filename=' + fileName); response.set('Content-Type',…
David
  • 167
  • 3
  • 11
4
votes
2 answers

Implementing a token authentication

Which are the steps must I follow to implement a token authentication in my web page? Any summary or links will be appreciated. I want to implement similar to Facebook or Google, first time client loggin and receive token and then use it in next…
acanimal
  • 4,800
  • 3
  • 32
  • 41
4
votes
0 answers

Devise Token Auth requiring current_password on password reset

I have config.check_current_password_before_update = :password enabled. So when the user updates his/her password, the current_password field is required. This becomes a problem when implementing password reset because the user does not know his/her…
Paulius Dragunas
  • 1,702
  • 3
  • 19
  • 29
4
votes
1 answer

Security in token auth when using other provider authentications services such as Soundcloud?

User Login Process by Soundcloud Connect button Press the button on the website and start a session with random token generated by api server without authenticating of the user on Soundcloud. User is redirect to the Soundcloud authentication…
cengo
  • 151
  • 1
  • 6
3
votes
0 answers

Is REST framework token authentication safe?

I am relatively new to REST Framework for django. I was creating a simple app to login the users and I tried using Token Authentication. My concern is the tokens are created for each users and they are fixed (Do not change with time) and basically 1…
Verain_the_great
  • 153
  • 1
  • 1
  • 6
3
votes
3 answers

Token authentication in django (rest_framework) not working

the title pretty much says it all. I'm trying to authenticate with a token. I am getting information from the django database to my flutter app. I've successfully retrieved my token from the rest_framework and added it to the headers of the rest…
Alb
  • 1,063
  • 9
  • 33
3
votes
2 answers

csrf_token displayed as a URL parameter

Is it okay that a website displays the csrf_token as a URL parameter? I have a feeling that I shouldn't be able to see it, but I am no quite sure. If someone can clear this up a bit, I would be grateful!
Sayed Alesawy
  • 425
  • 2
  • 6
  • 18
3
votes
2 answers

Java HTTP Request with Token Authentication

I am trying to make a GET request to a local server I have running. I am having trouble returning the correct data, I am seeing an 'Unauthorized' response. Can anyone spot any glaring issues with this given that the String 'token' is correct. …
Ron95
  • 136
  • 1
  • 2
  • 13
3
votes
1 answer

User.Identity.GetUserId() and RequestContext.Principal.Identity.GetUserId() returns NULL in WEB API controller. Used Token based Aunthentication

I have used Tokens to secure my Web API website, and consumed this API from an AngularJS client application. With this I am able to login with token based authentication. My issue is that I am not able to get the UserId in Web API controller.…
RohitV
  • 65
  • 1
  • 7
3
votes
1 answer

Token based authentication and hash passwords

In my asp.net web service user passwords has stored as hash values using BCrypt.Net.BCrypt.HashPassword (password, BCrypt.Net.BCrypt.GenerateSalt ()); And my web service need to implement token-based authentication as well. I am new to this and…
Thudani Hettimulla
  • 754
  • 1
  • 12
  • 32
1
2
3
9 10