diff --git a/app/models/user.rb b/app/models/user.rb
index 1d41028d59a959ce9e726653f3d795924a98b86e..0320a6208eb2a7e255648252d3fe593ba8bd4a2c 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,7 +1,7 @@
 class User < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable,
+  devise :database_authenticatable, :token_authenticatable,
          :recoverable, :rememberable, :trackable, :validatable
 
   # Setup accessible (or protected) attributes for your model
@@ -25,6 +25,7 @@ class User < ActiveRecord::Base
     :foreign_key => :assignee_id,
     :dependent => :destroy
 
+  before_create :ensure_authentication_token
   scope :not_in_project, lambda { |project|  where("id not in (:ids)", :ids => project.users.map(&:id) ) }
 
   def identifier
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index e62db747a648567c1fb05cda8355549816bed177..68bf5a0ea39643691f2c592ba718fb071b53ab25 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -158,11 +158,11 @@
 
   # ==> Configuration for :token_authenticatable
   # Defines name of the authentication token params key
-  # config.token_authentication_key = :auth_token
+  config.token_authentication_key = :private_token
 
   # If true, authentication through token does not store user in session and needs
   # to be supplied on each request. Useful if you are using the token as API token.
-  # config.stateless_token = false
+  config.stateless_token = true
 
   # ==> Scopes configuration
   # Turn scoped views on. Before rendering "sessions/new", it will first check for
diff --git a/db/migrate/20111115063954_add_authentication_token_to_users.rb b/db/migrate/20111115063954_add_authentication_token_to_users.rb
new file mode 100644
index 0000000000000000000000000000000000000000..84433656d6c8d9b058a070f26cd6800a0f5227e7
--- /dev/null
+++ b/db/migrate/20111115063954_add_authentication_token_to_users.rb
@@ -0,0 +1,5 @@
+class AddAuthenticationTokenToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :authentication_token, :string
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index c9abdef4f7a5b780f370f8f4ebe854c042fc40f4..83f916d4acf55e04213323626edde370c3fae6dc 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20111111093150) do
+ActiveRecord::Schema.define(:version => 20111115063954) do
 
   create_table "issues", :force => true do |t|
     t.string   "title"
@@ -103,6 +103,7 @@
     t.string   "skype",                                 :default => "",    :null => false
     t.string   "linkedin",                              :default => "",    :null => false
     t.string   "twitter",                               :default => "",    :null => false
+    t.string   "authentication_token"
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 14d48114c30edb9a5271a2104c3bd8a937f797fb..a22aee75b0d13846e94bff4b1a98a92bfd9c0671 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -19,15 +19,20 @@
     user.identifier.should == "test_mail.com"
   end
 
+  it "should have authentication token" do
+    user = Factory(:user)
+    user.authentication_token.should_not == ""
+  end
+
   describe "dependent" do
-    before do 
+    before do
       @user = Factory :user
-      @note = Factory :note, 
+      @note = Factory :note,
         :author => @user,
         :project => Factory(:project)
     end
 
-    it "should destroy all notes with user" do 
+    it "should destroy all notes with user" do
       Note.find_by_id(@note.id).should_not be_nil
       @user.destroy
       Note.find_by_id(@note.id).should be_nil