Has anyone any thoughts on logging in a user to a Rails app after the user
logs in via the traditional form mechanism with Devise?

My current line of thought:
override Devise's sessions_controller with a custom method that uses the
user.auth_token object to validate and log in the given user if the
auth_token is valid.

Attempts:
Utilizing the OAuth2 gem integration for Devise as a model, I've
customized the controller setup from the OAuth2 implementation for Google
here:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def google_oauth2
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    user = User.from_omniauth(request.env["omniauth.auth"])
    if user.persisted?
      sign_in_and_redirect user, notice: "Signed in!"
    else
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

by making my own here:

class Users::AuthTokenController < Devise::SessionsController
  def create
    self.resource = warden.authenticate!(auth_options)
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    user = resource(auth_options)
    if user.persisted?
      sign_in_and_redirect user, notice: "Signed in!"
    else
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

updating the user.rb file to include the auth_token method:

def self.auth_token(auth_token)
  user.auth_token = auth_token
  user.save!
end

and modifying my Devise initializer to set http_authenticatable to true.
When I do a curl to my app this is the result:

MacBook-Pro:evr_streamws medright1$ curl -IH "Authorization: Token auth_token=a47a8e54b11c4de5a4a351734c80a14a" http://localhost:3000/users/sign_in
HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
ETag: W/"ba70bfa23607d06dae26fc796ed61e95"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _evr_streamws_session=dThRaUgzSkJTRG9LU2xKcVFVc0M0Y3hFV1EyN3BBR0ZoR1pJYi9vREdEMWtyOWdPMC9nWmEwdDVEQ2YyMlVsSE9tTGZrd3lsS2Z3eWdBano0dUxQUjJ1Z3owYWtIVjZWZWxFSFg3Q0hhR0pZeHhia0lSdmtlb3U1K1NPTVlGaVRodzJiV2lGVFl3dVJqU1EvRWI1MzJBPT0tLWpmS2xCSWQzQ1Y3UUxHZ25nK2Jodmc9PQ%3D%3D--78c347429f29f47e8dfab4ba8ace89abb735aa27; path=/; HttpOnly
X-Request-Id: 41982aa3-de14-42e8-952d-de54b9975390
X-Runtime: 0.212273
and the output from the server logs on the request:
Started DELETE "/users/sign_out" for ::1 at 2017-05-01 11:33:52 -0400
Processing by Devise::SessionsController#destroy as HTML
Parameters: {"authenticity_token"=>"f4iw8J1pP0khuhWL2RFOaYFSeAiE78CDnEkutxJwuuybKVEO9PKNlJ49O6cO5TA3/EiDX/NFV5RSOCE3yKLgBw=="}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? ORDER BY "users"."id" ASC LIMIT ? [["id", 2], ["LIMIT", 1]]
(0.1ms) begin transaction
(0.0ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
Started GET "/" for ::1 at 2017-05-01 11:33:52 -0400
Processing by HomeController#show as HTML
Completed 401 Unauthorized in 1ms (ActiveRecord: 0.0ms)
Started GET "/users/sign_in" for ::1 at 2017-05-01 11:33:52 -0400
Processing by Devise::SessionsController#new as HTML
Rendering /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/sessions/new.html.erb within layouts/application
Rendered /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/shared/_links.html.erb (1.6ms)
Rendered /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/sessions/new.html.erb within layouts/application (11.3ms)
Completed 200 OK in 156ms (Views: 154.8ms | ActiveRecord: 0.0ms)
Finished "/cable/" [WebSocket] for ::1 at 2017-05-01 11:33:52 -0400
StreamChannel stopped streaming from stream_channel
Started GET "/cable" for ::1 at 2017-05-01 11:33:52 -0400
Started GET "/cable/" [WebSocket] for ::1 at 2017-05-01 11:33:52 -0400
Successfully upgraded to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: Upgrade, HTTP_UPGRADE: websocket)
StreamChannel is transmitting the subscription confirmation
StreamChannel is streaming from stream_channel

I'm not being passed as an authenticated user when redirected to the
after_signin_path, which should be /farms with these credentials. Any
thoughts are appreciated, as I'm a bit fuzzy on the process for logging in a
user via an auth_token.
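
An added example, not part of the original post or of Devise: plain Ruby that validates a token sent in the header shape used by the curl command above, matching it against stored SHA-256 digests with a constant-time comparison. The User struct, the sample users, the token value and the 32-hex-character token format are assumptions constructed for illustration.

```ruby
require "digest"

# Constructed sample data: the table stores only SHA-256 digests of tokens,
# so a leaked row cannot be replayed as a credential.
User = Struct.new(:id, :email, :auth_token_digest)
SAMPLE_TOKEN = "0123456789abcdef0123456789abcdef" # constructed, not a real token
USERS = [
  User.new(1, "a@example.test", Digest::SHA256.hexdigest("f" * 32)),
  User.new(2, "b@example.test", Digest::SHA256.hexdigest(SAMPLE_TOKEN))
].freeze

# Assumed header shape, taken from the curl command in the post:
#   Authorization: Token auth_token=<32 hex characters>
TOKEN_HEADER = /\AToken\s+auth_token="?(\h{32})"?\z/

# Returns the token string, or nil for a missing or malformed header.
def token_from_header(header)
  match = TOKEN_HEADER.match(header.to_s.strip)
  match && match[1]
end

# Compares two strings without stopping at the first differing byte.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns the matching user, or nil. Unknown and malformed tokens are
# indistinguishable to the caller.
def authenticate(header, users)
  token = token_from_header(header)
  return nil unless token
  candidate = Digest::SHA256.hexdigest(token)
  users.find { |u| secure_compare(u.auth_token_digest, candidate) }
end

if __FILE__ == $PROGRAM_NAME
  p authenticate("Token auth_token=#{SAMPLE_TOKEN}", USERS)&.email
  p authenticate("Token auth_token=#{'0' * 32}", USERS)
end
```

In a Devise controller the user returned by authenticate would then be passed to sign_in; that wiring is not shown here.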