I'm using the gem devise_token_auth for authentication in my Ruby on Rails web application. I would like to know how to implement the "Remember Me" feature when using devise_token_auth.
By default, when I make a request with the remember_me field set to true or '1', the "Remember Me" functionality does not seem to work. Here is an example of the login request:
POST http://localhost:3000/auth/sign_in
{
"email": "....",
"password": "...",
"remember_me": true
}
I have reviewed the configurations but haven't found any suitable options for enabling the "Remember Me" feature in devise_token_auth.
Could someone please guide me on how to properly enable the "Remember Me" functionality when using devise_token_auth? Am I missing any specific configurations or steps?
Thank you in advance for any assistance or suggestions.
The devise_token_auth doesn't provide such a remember-me feature for security reasons. Quote from their README:
[...] This gem refreshes the tokens on each request, and expires them in a short time, so the app is secure. [...]
But the gem allows you to configure the token lifespan, which is 2 weeks per default. In the config/initializers/devise_token_auth.rb file, you could, for example, set it to expire after one year:
DeviseTokenAuth.setup do |config|
# [...]
# By default, users will need to re-authenticate after 2 weeks. This setting
# determines how long tokens will remain valid after they are issued.
config.token_lifespan = 1.year
end