Reputation: 107
Storing access token object in rails 4
Hi all currently I am facing an issue while storing object of OAuth::AccessToken. First let me describe the situation.
I am working on rails 4 application and I am consuming / using API of another site say example.com, which uses 3-legged oauth authorization (same as twitter). To achieve this functionality I have used this link and implemented the same.
Now I am able to open communication channel between the example.com and my application also able use their API's.
Here is my sample implementation
Create consumer
consumer = OAuth::Consumer.new API_KEY,
API_SECRET,
{
site: SITE_URL,
header: { ACCEPT_HEADERS },
http_method: :get,
request_token_url: request_token_uri,
access_token_url: access_token_uri,
authorize_url: authorizerequest_token_uri
}
Fetching request token
request_token = consumer.get_request_token({}, CALLBACK_URL)
Goto to the authorize url and get the access token verifier'
request_token.authorize_url
verifier = gets.chomp
Fetch access tokene
access_token = request_token.get_access_token(oauth_verifier: verifier)
Now I am using this access_token (Object of OAuth::AccessToken) throughout the application. (For making get, post API calls). As I have to use in the application I have stored this object into the session.
session[:access_token] = access_token
But sometimes I am getting the cookie overflow error. So I have a following queries.
- What is the good way to store this object? (other than DB).
- Should I have to implement middleware?
- Or is there any other way to achieve same type of functionality.
Upvotes: 2
Views: 2103
Answers (2)
Reputation: 4446
I got the same type of problem. I have stored access token in database, (I am using mysql database). For this, I have used Marshal class of ruby.
From the doc
The marshaling library converts collections of Ruby objects into a byte stream, allowing them to be stored outside the currently active script. This data may subsequently be read and the original objects reconstituted.
Here is my sample code for storing the access token
access_token = request_token.get_access_token(oauth_verifier: verifier)
encrypt_access_token = Marshal.dump(access_token)
AccessTokenUser.create(user_id: 1, access_token: encrypt_access_token)
Retrieve stored acceess_token
decrypt_access_token = Marshal.load(access_token)
Then you can use this decrypted access token for making API call.
Upvotes: 1
Reputation: 2365
You can try a different session storage mechanism, for example memcached or redis (on the server). This may allow for a larger session. However, this is just "implementing a different type of database".
If you were brave or foolish, you could also try compressing the data or storing it directly in an encrypted cookie, or splitting into multiple chunks and storing in separate cookies, but all these are hacks and the best answer is to implement a db backend or upgrade your session storage. :)
Upvotes: 0
Related Questions
- Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails
- MapMyFitness API OAuth questions
- Understanding the Rails Authenticity Token
- How do I get the current absolute URL in Ruby on Rails?
- OAuth 2.0: Benefits and use cases — why?
- How can I rename a database column in a Ruby on Rails migration?
- Getting "RuntimeError: SSL Session wasn't initialized" error rails
- Twitter oauth invalid oauth_verifier parameter
- Get access token request failed with OAuth::Unauthorized 401 problem in Rails