Devise github login not working after Turbo enabled.

[ChrisZou]

I'm using Devise GitHub omniauth login for an app and the login link looks like this:

# layouts/_header.html.erb
<%= link_to "Github Login", user_github_omniauth_authorize_path, method: :post, class: "some classes", "data-turbo" => "false" %>

After I enable Turbo, it no longer works. After inspecting the network, I found that when a user clicks on the link, it issues a fetch type request to the server, rather then a document type request.
My app is open-sourced here and you can reproduce it by uncommenting the // import { Turbo, cable } from '@hotwired/turbo-rails' line from application.js pack file.

[seanpdoyle]

Is this related to hotwired/turbo-rails#33?

[ChrisZou]

Hi @seanpdoyle, thanks for the reply! I think they do are related. But after I tried changing link_to to button_to as the discussion over there suggested, it still didn't work. The generated form looked like this

<form class="button_to" method="post" action="/users/auth/github" data-turbo="false">
    <input class="some classes" data-turbo="false" type="submit" value="Github Login">
    <input type="hidden" name="authenticity_token" value="some token value">
</form>

I noticed that the data-turbo="false" attribute was on the submit input control rather than on the form itself. Not sure if that was the cause because I tried editing the form and added the data-turbo="false" attribute, and it still didn't work. I think it might also be related to #26?

[excid3]

Here's what I did to get it working. I added a FailureApp to handle Warden auth failures and a custom responder. Both of those are needed to treat turbo_stream formats like html.

The latest Turbo will handle the 422 status for errors to correctly update the DOM without adding any turbo_stream views.

# config/initializers/devise.rb
# frozen_string_literal: true

class TurboFailureApp < Devise::FailureApp
  def respond
    if request_format == :turbo_stream
      redirect
    else
      super
    end
  end

  def skip_format?
    %w(html turbo_stream */*).include? request_format.to_s
  end
end

class TurboController < ApplicationController
  class Responder < ActionController::Responder
    def to_turbo_stream
      controller.render(options.merge(formats: :html))
    rescue ActionView::MissingTemplate => error
      if get?
        raise error
      elsif has_errors? && default_action
        render rendering_options.merge(formats: :html, status: :unprocessable_entity)
      else
        redirect_to navigation_location
      end
    end
  end

  self.responder = Responder
  respond_to :html, :turbo_stream
end

Devise.setup do |config|

  # ==> Controller configuration
  # Configure the parent class to the devise controllers.
  config.parent_controller = 'TurboController'

  # ==> Warden configuration
  config.warden do |manager|
    manager.failure_app = TurboFailureApp
  end
end

Screencast on how it all works: https://gorails.com/episodes/devise-hotwire-turbo?autoplay=1

[ChrisZou]

Hi Chris @excid3 , thank you for your response! Now that #3 has been merged, I think another way to fix this is by simply adding data-turbo="false" to the login form. 😁 I tried it in my project here and it worked.
BTW, thank you for all the awesome gorails videos. They have been very helpful to me. ❤️

[boardfish]

@ChrisZou's workaround is good for now, but it's not perfect as a and button are semantically different. I've discussed this more in #74.

I think the root cause is failed CORS, since the redirect goes to github.com in this case, as I've explained over there.

[sstephenson]

Closing this now that Turbo 7.0.0-beta.2 is out.

[marcoroth]

@0q2 the latest version of Devise fixes this, so there is no need for the work-around anymore.

[0q2]

@0q2 the latest version of Devise fixes this, so there is no need for the work-around anymore.

You are correct!