{"id":29873748,"url":"https://github.com/tokenable/tokenable-ruby","last_synced_at":"2025-07-30T23:19:27.721Z","repository":{"id":54862730,"uuid":"330164866","full_name":"tokenable/tokenable-ruby","owner":"tokenable","description":"Tokenable is a Rails gem that allows API-only applications a way to authenticate users. This can be helpful when building Single Page Applications, or Mobile Applications. Works with Devise, Sorcery, has_secure_password, and any other auth system you may want to use.","archived":false,"fork":false,"pushed_at":"2023-12-04T15:38:52.000Z","size":96,"stargazers_count":13,"open_issues_count":4,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-27T05:28:19.863Z","etag":null,"topics":["api","authentification","rails"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tokenable.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-01-16T13:07:59.000Z","updated_at":"2025-07-13T09:57:20.000Z","dependencies_parsed_at":"2022-08-14T05:01:03.757Z","dependency_job_id":null,"html_url":"https://github.com/tokenable/tokenable-ruby","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/tokenable/tokenable-ruby","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tokenable%2Ftokenable-ruby","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tokenable%2Ftokenable-ruby/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tokenable%2Ftokenable-ruby/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tokenable%2Ftokenable-ruby/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tokenable","download_url":"https://codeload.github.com/tokenable/tokenable-ruby/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tokenable%2Ftokenable-ruby/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267960375,"owners_count":24172499,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-30T02:00:09.044Z","response_time":70,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","authentification","rails"],"created_at":"2025-07-30T23:19:26.772Z","updated_at":"2025-07-30T23:19:27.713Z","avatar_url":"https://github.com/tokenable.png","language":"Ruby","readme":"# Tokenable\n\n[![Gem Version](https://badge.fury.io/rb/tokenable-ruby.svg)](https://badge.fury.io/rb/tokenable-ruby)\n![Tests](https://github.com/tokenable/tokenable-ruby/workflows/Tests/badge.svg)\n[![codecov](https://codecov.io/gh/tokenable/tokenable-ruby/branch/main/graph/badge.svg?token=URF456H8RI)](https://codecov.io/gh/tokenable/tokenable-ruby)\n![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)\n![Project Status: WIP – Development is in progress](https://www.repostatus.org/badges/latest/wip.svg)\n\nTokenable is a Rails gem that allows API-only applications a way to authenticate users. This can be helpful when building Single Page Applications, or Mobile Applications. It's designed to work with the auth system you are already using, such as Devise, Sorcery and `has_secure_password`. You can also use it with any custom auth systems.\n\nSimply send a login request to the authentication endpoint, and Tokenable will return a token. This token can then be used to access your API, and any authenticated endpoints.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'tokenable-ruby'\n```\n\nAnd then execute:\n\n```\nbundle install\n```\n\n## Usage\n\nOnce you have the gem installed, lets get it setup:\n\n```bash\nrails generate tokenable:install User --strategy=devise\n```\n\nWe make it easier for you, by adding out of the box support for some auth libraries. You can pick from the following options for `--strategy`, or leave it empty for a [custom strategy](https://github.com/tokenable/tokenable-ruby/wiki/Create-your-own-statergy):\n\n- [devise](https://github.com/heartcombo/devise)\n- [sorcery](https://github.com/Sorcery/sorcery)\n- [secure_password](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html)\n\nThis will add a route, the configuration file at `config/initializers/tokenable.rb`, and add the required includes to your User model. There are no migrations to run in the default configuration.\n\n### Controllers\n\nTo limit access to your controllers/endpoints, you will need to include Tokenable.\n\n```ruby\nclass SomeController \u003c ApplicationController\n  include Tokenable::Authable\n\n  before_action :require_tokenable_user!\nend\n```\n\nAfter you have done this, the following methods are available:\n\n- `current_user`\n- `user_signed_in?`\n\n### Invalidate Tokens\n\nSometime you want to be able to force a user (or users) to login again. You can do this by adding the Verifier. To install this, run:\n\n```\nrails generate tokenable:verifier User\n```\n\nAnd then run your migrations:\n\n```\nrails db:migrate\n```\n\nYou can now invalidate all tokens by calling `user.invalidate_tokens!`.\n\n### Token Expiry\n\nBy default, tokens expire after 7 days. If you want to change this, you can set a config option.\n\n```ruby\n# Expire in 7 days (default)\nTokenable::Config.lifespan = 7.days\n\n# Tokens will never expire\nTokenable::Config.lifespan = nil\n```\n\n### Example Use Cases\n\nOnce you have this setup, you will then be able to integrate your Rails API with a mobile app, single page application, or any other type of system. Here are some example use cases:\n\n- [Using Tokenable with Nuxt.js Auth](https://github.com/tokenable/tokenable-ruby/wiki/Integration-with-Nuxt.js-Auth)\n- [Using Tokenable with Axios](https://github.com/tokenable/tokenable-ruby/wiki/Integration-with-Axios)\n- [Using Tokenable with Curl](https://github.com/tokenable/tokenable-ruby/wiki/Curl-Example)\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies.\n\nThen, run `bundle exec rspec` to run the tests.\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at \u003chttps://github.com/tokenable/tokenable-ruby\u003e. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/tokenable/tokenable-ruby/blob/main/CODE_OF_CONDUCT.md).\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the Tokenable project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/tokenable/tokenable-ruby/blob/main/CODE_OF_CONDUCT.md).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftokenable%2Ftokenable-ruby","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftokenable%2Ftokenable-ruby","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftokenable%2Ftokenable-ruby/lists"}