devise omniauth redirect issue after installing devise_token_auth

[sparshsamir1993]

I had a working devise+ facebook omniatuh application. After configuring this gem to make an api for my app, I have started getting the issue.

In the web app, i use the omniauth callback method for user sign in but for the API, I use Koala gem and native facebook plugin to identify the user.

I have the routes configured as...
`
Rails.application.routes.draw do

devise_for :users,:controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }, skip: ["devise_token_auth/concerns"], via: [:get, :post]
namespace :admin do
resources :users
end
namespace :api do
namespace :v1 do
resources :users, only: [:index, :show]
mount_devise_token_auth_for 'User', at: 'auth', skip: [:omniauth_callbacks], via: [:get, :post]
post '/auth/authenticatFacebookToken' => 'users#authenticatFacebookToken', as: :fbtokenauth
end
end
root to: 'visitors#index'
end
`
So now when I click login to facebook in my app, it redirects to "http://localhost:3000/api/v1/auth/sign_in#_=_"
And, the error "{"errors":["Use POST /sign_in to sign in. GET is not supported."]}"

my omniauth callbacks controller
`
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook
# You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.from_omniauth(request.env["omniauth.auth"])
sign_in @user
redirect_to user_facebook_omniauth_callback_path
set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
end
end

`

How can I fix this?
Thanks!!

[zachfeldman]

Hey @sparshsamir1993 did you see this post?

#754 (comment)

Are you maybe forgetting a concern?

[sparshsamir1993]

The logs when i hit omniauth/facebook on my rails app.

 Started GET "/omniauth/facebook" for ::1 at 2018-02-16 16:17:42 +0530
I, [2018-02-16T16:17:42.895902 #12664]  INFO -- omniauth: (facebook) Request phase initiated.


Started GET "/omniauth/facebook/callback?code=AQDrfYURb9ZK7f96n0NfW5dxkcNsc9AoDBnKauPGe44c6gNQ3-XeGvJrRl2ASL5X3rtjPYKRSXY0stzFHZOqMm4oLFDMaWRc_1AYLjWaaK3EFPBn8pTpjYpVvkdJViE-Ci5QGYH4pIy1PoRsQ7zDg_225FlHCOq37elc3ybsVwqKbgmEQEBrXpwy59-toFdYyuWDVa0-BXQyMxgSnVrurvJeOw5X5odC867mm8Z8ms1mUCJrwB3msjFHtWcsC9aZr2IWNJ8N0BLDqaXwUZ4uR5eJ6_lcE_Z5cmNei-Wld-NGz8bawLZ_QSQkZ46nXgKYIqk" for ::1 at 2018-02-16 16:17:43+0530
I, [2018-02-16T16:17:43.748936 #12664]  INFO -- omniauth: (facebook) Callback phase initiated.
E, [2018-02-16T16:17:44.083502 #12664] ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"EAAN5AP9sA8MBAFModa5KNzblkabjP7WbfmX2QPfLZCpAN5WzZA0p76urMGPYvxFCDwyeeX7Yyn2mzCUR9BzdYhNWpWb0SuG1xr85Knhy7KtyZAwd8TsZAXZBeXLZCvRicIs1vFbrVpIH3FboE7czqjLjjtyW8kMR4ZD","token_type":"bearer","expires_in":5183762}
Processing by Devise::OmniauthCallbacksController#failure as HTML
  Parameters: {"code"=>"AQDrfYURb9ZK7f96n0NfW5dxkcNsc9AoDBnKauPGe44c6gNQ3-XeGvJrRl2ASL5X3rtjPYKRSXY0stzFHZOqMm4oLFDMaWRc_1AYLjWaaK3EFPBn8pTpjYpVvkdJViE-Ci5QGYH4pIy1PoRsQ7zDg_225FlHCOq37elc3ybsVwqKbgmEQEBrXpwy59-toFdYyuWDVa0-BXQyMxgSnVrurvJeOw5X5odC867mm8Z8ms1mUCJrwB3msjFHtWcsC9aZr2IWNJ8N0BLDqaXwUZ4uR5eJ6_lcE_Z5cmNei-Wld-NGz8bawLZ_QSQkZ46nXgKYIqk"}
Redirected to http://localhost:3000/api/v1/auth/sign_in
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)


Started GET "/api/v1/auth/sign_in" for ::1 at 2018-02-16 16:17:44 +0530
Processing by DeviseTokenAuth::SessionsController#new as HTML
Completed 405 Method Not Allowed in 8ms (Views: 7.2ms | ActiveRecord: 0.0ms)

Already have concern included in api/v1/users_controller

class Api::V1::UsersController < Api::V1::BaseController
    protect_from_forgery with: :null_session
    skip_before_filter :verify_authenticity_token
    require 'koala'
    include DeviseTokenAuth::Concerns::SetUserByToken

    def index
       users = User.all

       render(
         json: ActiveModel::ArraySerializer.new(
           users,
           each_serializer: Api::V1::UserSerializer,
           root: 'users',
         )
       )
     end
    def show
      @user = User.find(params[:id])
      render(json: Api::V1::UserSerializer.new(@user).to_json)
    end

    def authenticatFacebookToken
      @graph = Koala::Facebook::API.new(params[:'access-token'])
      profile = @graph.get_object('me', fields:'email,first_name,last_name')
      @user = User.find_or_create_by(email: profile['email'])
      if @user.update('access-token': params[:'access-token'])
        puts "------------"
        sign_in @user
        @client_id = SecureRandom.urlsafe_base64(nil, false)
        @token     = SecureRandom.urlsafe_base64(nil, false)
        @user.tokens[@client_id] = {
          token: BCrypt::Password.create(@token),
          expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
        } 
        auth_header = @user.build_auth_header(@token, @client_id)
        response.headers.merge!(auth_header)
        
        render(json: Api::V1::UserSerializer.new(@user).to_json)
      
      end      
    end
end

Also in the normal webapp the user wont be set by token. By facebook ,login. THis user controler is for the api users

an my /users/omniauth_callbacks_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    byebug
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.from_omniauth(request.env["omniauth.auth"])


      sign_in @user
      redirect_to user_facebook_omniauth_callback_path
      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
  end

end

[sparshsamir1993]

@zachfeldman any clue?

[zachfeldman]

Nope, sorry I'm all out of ideas.

[mikeover]

Maybe because you have skip: ["devise_token_auth/concerns"] in your routes?

[sparshsamir1993]

Hey, closing this.

Searched for this " ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :"

Got that i was using a pretty old version of omniauth-facebook. Had to use at least '4.1'

Thanks a lot.
Cheers.