Geek Answers Handbook

Chrome Extension + Devise + Rails app - making authenticated requests from an extension?

I am creating a chrome extension that makes it easy to create contacts directly from the browser without resorting to my rail-based device itself. Contacts # Create requires authentication, so I wonder how I can send authenticated requests from the extension.

I have included deva TokenAuthenticatable and therefore my users have authtoken. I wrote a method in my js extensions that sends messages to my rails app # create action applications. For testing, I just hardcoded my own authentication token, which seems to work. But how can you expand access to authorization tokens for users? It is incorrect / safe to store this token in a cookie.

I think I should use chrome.cookies to access and do something with the session information of my application. But I get here sessionID.

any help appreciated!

+6
source share
2 answers

Although not from the chrome extension, I created something similar that could work with the terminal. I ended up bypassing the development and created my own token authentication, which will allow users to access only one controller action #, which I need. This way you can minimize damage if the marker is stolen.

One way or another, I would allow users to create (and regenerate) tokens in the rails application interface and make it so that the extension requests a token on first launch. I would save the token itself in localStorage.

+1
source

You can also check the authentifiation_token stored in your application cookie.

You can achieve this using the chrome.cookies.getAll() method described here - https://developer.chrome.com/extensions/cookies#method-getAll

0
source

More articles:


All Articles