Reputation: 1488
I am a beginner in the world of Rails. Can someone please explain to me like I am a 2 year old. What in the world does token authentication do? Is it recommended for your app from a security standpoint or you are fine just without it???
Upvotes: 0
Views: 111
Reputation: 3005
Security tokens provide the "what you have" component in 2 factor / multi-factor solutions.
As talking to a two year old,
You want to get in the house. You would need a 'key' - a token that the system can identify you with.
Upvotes: 0
Reputation: 3616
Token authentication is usually used to create auto-signin links in your emails.
User clicks on link like http://example.com/some_page?auth_token=some-very-secret-token, which contains token and is recognized by token value.
So there is no need to remember password to unsubscribe from your site emails, for example.
Upvotes: 1