From 7c19493e5143408a4f2fb42b65164f4713b8f112 Mon Sep 17 00:00:00 2001
From: Thomas THIMOTHEE <thomas@oxynum.fr>
Date: Sat, 25 Jun 2016 11:03:44 +0200
Subject: [PATCH] Tweak to allow correct use of not changing headers on each
 request

---
 .../devise_token_auth/concerns/set_user_by_token.rb         | 6 +++---
 app/models/devise_token_auth/concerns/user.rb               | 4 ++++
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
index e025c7802..71bb87f82 100644
--- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
+++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
@@ -82,11 +82,12 @@ def update_auth_header
 
     # Generate new client_id with existing authentication
     @client_id = nil unless @used_auth_by_token
+    return if response.code.to_i >= 300
 
     if @used_auth_by_token and not DeviseTokenAuth.change_headers_on_each_request
       # should not append auth header if @resource related token was
       # cleared by sign out in the meantime
-      return if @resource.reload.tokens[@client_id].nil?
+      return if @resource.reload.tokens[@client_id].nil? && @client_id != 'default'
 
       auth_header = @resource.build_auth_header(@token, @client_id)
 
@@ -100,8 +101,7 @@ def update_auth_header
       @resource.with_lock do
         # should not append auth header if @resource related token was
         # cleared by sign out in the meantime
-        return if @used_auth_by_token && @resource.tokens[@client_id].nil?
-
+        return if @client_id != 'default' && @used_auth_by_token && @resource.tokens[@client_id].nil?
         # determine batch request status after request processing, in case
         # another processes has updated it during that processing
         @is_batch_request = is_batch_request?(@resource, @client_id)
diff --git a/app/models/devise_token_auth/concerns/user.rb b/app/models/devise_token_auth/concerns/user.rb
index df097b846..8be0e1376 100644
--- a/app/models/devise_token_auth/concerns/user.rb
+++ b/app/models/devise_token_auth/concerns/user.rb
@@ -186,6 +186,10 @@ def build_auth_header(token, client_id='default')
 
     # client may use expiry to prevent validation request if expired
     # must be cast as string or headers will break
+    # binding.pry
+    if self.tokens[client_id].nil? && client_id == 'default' || token.nil?
+      return create_new_auth_token
+    end
     expiry = self.tokens[client_id]['expiry'] || self.tokens[client_id][:expiry]
 
     max_clients = DeviseTokenAuth.max_number_of_devices