Personal needs help to implement token authentication , I have already created the models, the application is working correctly, now I need to improve security.
The client will send me a registration and a password, it will come in JSON
, there is a method that makes a select in the bank to check if enrollment and password are true, I would like to generate a token once a day as soon as it enrolls and password are confirmed. This token will return along with the ID for the device, via JSON
, and in the next operations all will be validated with that token.
This is my model that does the query
class Student < ApplicationRecord
has_many :simulated
has_many :proof
#Metodo que recebe matricula e senha para validar acesso
def sqlValidatedLogin(registration,password)
query_student = "SELECT id, name, token registration FROM students WHERE registration = "+
registration+" AND password = "+password
ActiveRecord::Base.connection.execute(query_student)
end
end
# method in controller
def index
student = Student.new
return_dados = student.sqlValidatedLogin(params[:registration].to_s,params[:password].to_s)
render :json => return_dados
end
Access to return data
I'm wondering how to implement in other classes, I've read the documentation but did not understand token authentication, would someone have a configuration example with comments, or could you help me implement that?