Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

devise_token_auth routes does not stay within scope or namespace, overrides devise routes #1299

Open
adamrparsons opened this issue Jun 4, 2019 · 3 comments
Open

devise_token_auth routes does not stay within scope or namespace, overrides devise routes #1299

adamrparsons opened this issue Jun 4, 2019 · 3 comments

Comments

@adamrparsons
Copy link

adamrparsons commented Jun 4, 2019
edited
Loading

Hello,

When adding devise_token_auth into an existing rails + devise setup, we found it necessary to put devise_token_auth and the associated api into a namespace, in a similar approach to what jotolo did here:

#120 (comment)

Our implementation was as follows:

 namespace :api, defaults: {format: 'json'} do
    scope :v1 do
      mount_devise_token_auth_for 'User', at: 'auth', skip: [ :verify_authenticity_token ]
      resources :items, only: [:index, :show, :create]
    end
  end

We've gotten this to work for the most part, but rather troubling is that by mounting devise in this namespace, we expect the paths/urls to be contained to this namespace /api/v1 but instead devise_token_auth overrides devise's regular routes with its own implementations.

Examples of this is that omniauth implementations broke, forms use the wrong action urls, and accessing protected pages while unauthenticated returns a simpletext page instead of a redirect to login, that devise gives you.

Commenting out the mount_devise line fixes our forms, our omniauth, and everything else

The core of the issue here appears to be that even placing this inside a scoped namespace, devise_token_auth still overrides the root routes anyway.

We're trying to migrate from a server-side-rendered app to a react app with token auth, but this gem overriding devises routes breaks the existing rails app.

  • Version: 1.0.0
  • Environmental Info:
    • Gems: Rails, Devise, DeviseTokenAuth, ActiveAdmin
    • Custom Frontend: Existing app is ordinary rails, new app is react-based
@jefflyne
Copy link

jefflyne commented Jan 5, 2020

I'm having the same problem with devise_token_auth breaking my current omniauth implementation. Did you ever find a workaround?

@oLeVanNghia
Copy link

oLeVanNghia commented Feb 4, 2020
edited
Loading 

  namespace :api do
    namespace :v1 do
      namespace :admin do
        
        mount_devise_token_auth_for "Administrator", at: "", controllers: {
         sessions: "api/v1/admin/sessions"
        }
        resources :home, only: :index
      end
    end
  end

The same problem.
But below code run.

  namespace :api do
    namespace :v1 do
      namespace :admin do
        resources :home, only:  :index 
        mount_devise_token_auth_for "Administrator", at: "", controllers: {
         sessions: "api/v1/admin/sessions"
        }
      end
    end
  end

@f19ps
Copy link

f19ps commented Sep 1, 2020
edited
Loading

You can override get_redirect_route(devise_mapping) method in OmniauthCallbacksController returning your desired URL.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@oLeVanNghia @jefflyne @adamrparsons @f19ps