Sign in, Sign out not working

[Danilo-Araujo-Silva]

rails: 5.1.4
ruby: 2.4.0
devise: 4.3.0
devise_auth_token: 0.1.42

I'm using Postman to do the tests.
Following the instructions and I can put the things to work. But unfortunately, not so properly.

When the sign in is done, I can receive the user informations, but no header with the client and the access-token was returned to me.

So I then tried to use the sign out. I inspected the token and the client that I should use and set it in the postman test. But this validation fails:

::BCrypt::Password.new(token_hash) == token

It will not fail if I change to ::BCrypt::Password.new(token_hash).to_s == token.

How can we solve this?

[lynndylanhurley]

Are you getting the value for token from the db? Because that won't work. We don't store tokens in plain-text for the same reason that passwords shouldn't be stored in plain text. See here for more info on how bcrypt-ruby works.

[johnnagro]

headers also missing, recently upgraded to devise 4.3.0 which seemed to break things...

rails: 4.2.10
ruby: 2.4.0
devise: 4.3.0
devise_auth_token: 0.1.42

[lynndylanhurley]

@johnnagro @Danilo-Araujo-Silva I did find some devise v4.3 issues when testing the other day. Can you try running against master and see if that resolves the issue? We're about to cut a release and I'd like to make sure it's working with the latest devise

[johnnagro]

@lynndylanhurley we will try that right now

[johnnagro]

@lynndylanhurley unfortunately, pulling from master did not fix this for us. it appears that @resource is undefined by the time sign-in gets to this line:

https://github.com/lynndylanhurley/devise_token_auth/blob/master/app/controllers/devise_token_auth/concerns/set_user_by_token.rb#L87

we are continuing to dig into this.

[johnnagro]

set_user_by_token is called when current_user is called during sign-in, probably to serialize the resource (user) object. set_user_by_token nils out @resource - we have a lead as to why, will update shortly...

[johnnagro]

@lynndylanhurley our issue seems to relate to our use of single table inheritance and the class check, as outlined in the PR we just submitted. In other words, we have a User model, but we use two sub-classes Boater and Dockmaster which inherit from User. This seems to result in set_user_by_token failing on the class check (User != Boater but Boater.is_a? User) and nilling out @resource.

@Danilo-Araujo-Silva are you also using single table inheritance on your main resource object?

[MaicolBen]

Seems that the @Danilo-Araujo-Silva issue is different, please reply what @lynndylanhurley asked the first time, otherwise we're closing this in 7 days.

[Danilo-Araujo-Silva]

Hi guys, I think, at least for my use case, we can close this issue. I don't know if it solved at all. But I found a way to use the devise itself but I not working with rails right now too, so probably I will can not test it soon.