问题描述:

I'm developing an API and I'd like to support authenticated user

sessions. Is it possible to pass the session information used by

devise/warden after a user has been authenticated? I know I can use

TokenAuthenticatable, but I assume the session ID is better because it

expires after some time, can be expired on a per session basis, and

I'd prefer to have a separate non-expirable auth token anyways.

I see that warden sets something like this:

warden.user.user.key"=>["User", [4975], "Ejm5RbQhYVnNYFU7wX2o"]

Is it possible to simply refer to this in some form via GET or POST

params? Is this advisable?

Thanks

相关阅读:
Top