Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

devise_token_auth: can't work with Rails subdomain. #831

Closed
msanfilippof opened this issue Feb 13, 2017 · 2 comments
Closed

devise_token_auth: can't work with Rails subdomain. #831

msanfilippof opened this issue Feb 13, 2017 · 2 comments

Comments

@msanfilippof
Copy link

Hi everyone, sorry if I'm doing something bad, but I can't work with devise_token_auth and subdomain.
I have this:
constraints subdomain: 'api' do
mount_devise_token_auth_for 'Account', at: 'user_auth'
(...)
end

And routes seems correctly:

new_account_session GET /user_auth/sign_in(.:format) devise_token_auth/sessions#new {:subdomain=>"api"}

The error is: Unpermitted parameter: subdomain x3 times on a simple curl request:

curl -i -H "Content-Type: application/json" -d '{ "email": "[email protected]", "password": "***", "password_confirmation":"***" }' -X POST http://api.test.com:3000/user_auth/

Body Repsonse:

{"status":"error","data":{"id":null,"provider":"email","uid":"","email":"[email protected]","number":null,"user_id":null,"created_at":null,"updated_at":null},"errors":["Missing 'confirm_success_url' parameter."]}

Server Log:

Started POST "/user_auth/" for 127.0.0.1 at 2017-02-13 22:08:22 +0100

Processing by Overrides::RegistrationsController#create as */*
Parameters: {"email"=>"[email protected]", "password"=>"[FILTERED]", password_confirmation"=>"[FILTERED]", "subdomain"=>"api"}

Unpermitted parameter: subdomain
Unpermitted parameter: subdomain
Unpermitted parameter: subdomain
Completed 422 Unprocessable Entity in 134ms (Views: 0.2ms | ActiveRecord: 0.0ms)

I overridden the RegistrationController for method sign_in_params, to allow the .permit(:email, :password).

Without this overriding, I get a lot of errors on Unpermitted parameters again with subdomain.

If I remove the constraints subdomain: "api", I never get the error, but still there's 422: Unprocessable Entity for Processing by Overrides::RegistrationsController#create as */*
(VERY STRANGE as */* even if I put default: {format: 'json'} ), it returns also Unpermitted parameter: format. I don't know where I'm going wrong or how to solve.

Why doesn't work with subdomain?
Why is it unable to process entity?
@johannboutet
Copy link

Hello @marcosanfilippo,

Your problem comes from the error message "errors":["Missing 'confirm_success_url' parameter."].

You must send a confirm_success_url param with the data of your request so Devise Token Auth knows where to redirect users after successful email confirmation.

One other solution is to set a default_confirm_success_url in the initializer so you don't have to send the param with each request. You can have a look at the doc here:
https://github.com/lynndylanhurley/devise_token_auth#initializer-settings

The subdomain part is not the problem, I have Devise Token Auth setup on an api subdomain just like you and it works perfectly.

Hope it helps!

@msanfilippof
Copy link
Author

Thank you for your time. Unfortunately, this gem is heavy for my app. I switched back on Devise and use a custom session controller.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johannboutet @msanfilippof