Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Impersonate user #802

Closed
brunowego opened this issue Jan 4, 2017 · 4 comments
Closed

Impersonate user #802

brunowego opened this issue Jan 4, 2017 · 4 comments

Comments

@brunowego
Copy link

I'm very frustrated with this, maybe you can help me. I'm trying to do impersonate a user, but whenever I update the page the session is changed.

My controller method bellow:

def impersonate
  authorize @current_user # pundit ok!

  session[:impersonator_id] = @current_user.id

  warden.set_user @user, scope: :user

  render json: { message: "You are now impersonating #{@user.name}" }
end

Any idea how do this or tip? Thanks!
@rubyconvict
Copy link

I wouldn't play with warden or session. In this method, try to:

  • add a new auth_token to user's tokens
  • save the user (with a new token)
  • sign_in as the user with a new token (devise method)
  • return the new auth headers in the action's response headers

@zachfeldman
Copy link
Contributor

Possible solution posted (thanks @rubyconvict ), closing for now.

@ausangshukla
Copy link

So anyone has a code snippet that I can use to do impersonation ?
TIA

@eterry1388
Copy link 

user = User.find(1)
user_token = user.create_token
user.save!

{
  "Access-Token" => user_token.token,
  "Client" => user_token.client,
  "Expiry" => user_token.expiry,
  "Uid" => user.uid,
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rubyconvict @brunowego @ausangshukla @zachfeldman @eterry1388