Hello!
I know that I should use stackoverflow for this kind of questions. I asked question
Is it possible use Dookeeper and ActionCable?
Look like approach should be similar to this or this.
module ApplicationCable
class Connection < ActionCable::Connection::Base
identified_by :current_user
def connect
self.current_user = find_verified_user
end
protected
def find_verified_user
#CODE RELATED TO DOORKEEPER ????
if user
user
else
reject_unauthorized_connection
end
end
end
end
How can I get user by access_token and scope? (I use only access_token and refresh_token)
use_doorkeeper do
skip_controllers :authorizations, :applications, :authorized_applications
end
I think it would be great if you add ActionCable related example to wiki
Hi @ViTVetal . max on StackOverflow already answered you. You can store access token in cookies (don't sure it is secure way, but) and send it with ActionCable requests. And then you can find Resource Owner by Access Token that associated with requested token.
@nbulaj ok. Thank you!
I can send token as param during connection:
ws://localhost:3000/cable/?access-token=********
But how can I "find Resource Owner by Access Token that associated with requested token."? I didn't find how can I do this.
Something like this:
def access_token
@access_token ||= Doorkeeper::AccessToken.by_token(params[:token])
# or
#
# Doorkeeper::OAuth::Token.authenticate(
# request, # don't sure how it can be replaced in ActionCable
# *Doorkeeper.configuration.access_token_methods
# )
end
def current_user
@current_user ||= begin
User.find_by(id: access_token.resource_owner_id) if access_token # no need to raise ActiveRecord::RecordNotFound
end
end
@nbulaj Thank you!
Try it and tell me if it is OK for you :) Or describe another solution, we can add it to Wiki as you said
@nbulaj Yes. It is ok for me.
Draft version https://stackoverflow.com/a/49819013/3194048 (I am new in Rails so you may refactor this code but I think idea should be same).
Thank you again. Nice gem.
Thanks! It is now described in Doorkeeper and ActionCable. We can close the issue?
@nbulaj Yes