Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No authentication headers when using Single Table Inheritance on my User model #783

Closed
aaronshim opened this issue Dec 3, 2016 · 2 comments
Closed

No authentication headers when using Single Table Inheritance on my User model #783

aaronshim opened this issue Dec 3, 2016 · 2 comments

Comments

@aaronshim
Copy link

Hello,
I have my user model set up as such

class User < ActiveRecord::Base
  devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable,
          :confirmable, :omniauthable
  include DeviseTokenAuth::Concerns::User

  ...

end

with SIngle Table Inheritance models set up as

class Applicant < User; end
class Judge < User; end
class Admin < User; end

and in my config/routes.rb

mount_devise_token_auth_for 'User', at: 'auth', controllers: { registrations: 'users/registrations' }

I want to use Single Table Inheritance because I intend to treat the main User model almost as an abstract class and have all accounts be either an Applicant, Judge, or Admin, where I can leverage polymorphism to define custom validations for each of the different types of accounts, etc. Yes, I've considered using a gem to take care of the roles, but since my roling is very primitive (always applicant, judge, or admin) and I would like to leverage inheritance, I thought a simple inheritance pattern was more fitting for the occasion.

Since all accounts will have a single sign-up and sign-in flow regardless of the type of account, I only mounted the devise routes for the superclass, rather than individually for each of the subclasses.

The problem arises when attempting to log on. The response body will come back properly, but the header will come back missing the uid, authentication-token, and client fields.

Stepping through the code in this gem, I believe the problem to be on this line:
https://github.com/lynndylanhurley/devise_token_auth/blob/master/app/controllers/devise_token_auth/concerns/set_user_by_token.rb#L50
By changing the line from

return @resource if @resource and @resource.class == rc

to

return @resource if @resource and @resource.is_a? rc

I was able to get my Single Table Inheritance user models to log in properly and respond with the correct headers.

My questions are:

  1. Is this a valid fix? Is this change consistent with the intended behavior of this line of code?
  2. If not, is there something in the configuration of devise_token_auth or the mounting of relevant routes that I could change to achieve this behavior?

Thank you for your help.
nzacca added a commit to nzacca/devise_token_auth that referenced this issue Jan 28, 2017
@nzacca
[f] Attempt to support STI
f50980f 
lynndylanhurley#783
@rrooding
Copy link

This solved it for me as well, I hope someone can clear up if this is the way to go.

@zachfeldman
Copy link
Contributor

Workaround posted, closing for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rrooding @zachfeldman @aaronshim