Has anyone any thoughts on logging in a user to a Rails app after the user logs in via the traditional form mechanism with Devise?
My current thought line:
Override Devise sessions_controller with a custom method for using user.auth_token object to validate and log in the given user if the auth_token is valid.
Attempts:
Utilizing the OAuth2 gem integration for Devise as a model, I’ve customized the controller setup from the OAuth2 implementation for Google here:
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def google_oauth2
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    user = User.from_omniauth(request.env["omniauth.auth"])
    if user.persisted?
      sign_in_and_redirect user, notice: "Signed in!"
    else
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end
by making my own here:
class Users::AuthTokenController < Devise::SessionsController
  def create
    self.resource = warden.authenticate!(auth_options)
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    user = resource(auth_options)
    if user.persisted?
      sign_in_and_redirect user, notice: "Signed in!"
    else
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end
updating the user.rb file to include the auth_token method:
def self.auth_token(auth_token)
  user.auth_token = auth_token
  user.save!
end
and modifying my Devise initializer to set http_authenticatable to true.
When I do a curl to my app this is the result:
MacBook-Pro:evr_streamws medright1$ curl -IH "Authorization: Token auth_token=a47a8e54b11c4de5a4a351734c80a14a" http://localhost:3000/users/sign_in
HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
ETag: W/"ba70bfa23607d06dae26fc796ed61e95"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _evr_streamws_session=dThRaUgzSkJTRG9LU2xKcVFVc0M0Y3hFV1EyN3BBR0ZoR1pJYi9vREdEMWtyOWdPMC9nWmEwdDVEQ2YyMlVsSE9tTGZrd3lsS2Z3eWdBano0dUxQUjJ1Z3owYWtIVjZWZWxFSFg3Q0hhR0pZeHhia0lSdmtlb3U1K1NPTVlGaVRodzJiV2lGVFl3dVJqU1EvRWI1MzJBPT0tLWpmS2xCSWQzQ1Y3UUxHZ25nK2Jodmc9PQ%3D%3D--78c347429f29f47e8dfab4ba8ace89abb735aa27; path=/; HttpOnly
X-Request-Id: 41982aa3-de14-42e8-952d-de54b9975390
X-Runtime: 0.212273
and the output from the server logs on the request:
Started DELETE "/users/sign_out" for ::1 at 2017-05-01 11:33:52 -0400
Processing by Devise::SessionsController#destroy as HTML
Parameters: {"authenticity_token"=>"f4iw8J1pP0khuhWL2RFOaYFSeAiE78CDnEkutxJwuuybKVEO9PKNlJ49O6cO5TA3/EiDX/NFV5RSOCE3yKLgBw=="}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? ORDER BY "users"."id" ASC LIMIT ? [["id", 2], ["LIMIT", 1]]
(0.1ms) begin transaction
(0.0ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 5ms (ActiveRecord: 0.4ms)
Started GET "/" for ::1 at 2017-05-01 11:33:52 -0400
Processing by HomeController#show as HTML
Completed 401 Unauthorized in 1ms (ActiveRecord: 0.0ms)
Started GET "/users/sign_in" for ::1 at 2017-05-01 11:33:52 -0400
Processing by Devise::SessionsController#new as HTML
Rendering /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/sessions/new.html.erb within layouts/application
Rendered /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/shared/_links.html.erb (1.6ms)
Rendered /Users/medright1/.rbenv/versions/2.4.0/lib/ruby/gems/2.4.0/gems/devise-4.2.1/app/views/devise/sessions/new.html.erb within layouts/application (11.3ms)
Completed 200 OK in 156ms (Views: 154.8ms | ActiveRecord: 0.0ms)
Finished "/cable/" [WebSocket] for ::1 at 2017-05-01 11:33:52 -0400
StreamChannel stopped streaming from stream_channel
Started GET "/cable" for ::1 at 2017-05-01 11:33:52 -0400
Started GET "/cable/" [WebSocket] for ::1 at 2017-05-01 11:33:52 -0400
Successfully upgraded to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: Upgrade, HTTP_UPGRADE: websocket)
StreamChannel is transmitting the subscription confirmation
StreamChannel is streaming from stream_channel
I’m not being passed as an authenticated user when redirected to the after_signin_path, which should be /farms with these credentials… Any thoughts are appreciated, as I’m a bit fuzzy on the process for logging in a user via an auth_token…
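
The token check the post describes, for the `Authorization: Token auth_token=...` header sent by the curl command, written in plain Ruby as an added example; it is not part of the original post and is not Devise or Warden code. `TOKEN_DIGESTS`, `HEADER_FORMAT`, `secure_compare` and `authenticate_header` are hypothetical names, and the token-to-user table is constructed sample data.

```ruby
require "digest"

# Hypothetical names throughout; the table below is constructed sample data.
# Only the SHA-256 digest of each token is stored, so a leaked table does not
# hand out usable tokens.
TOKEN_DIGESTS = {
  Digest::SHA256.hexdigest("a47a8e54b11c4de5a4a351734c80a14a") => 2 # digest => user id
}.freeze

# Accept only the header shape used in the curl command:
#   Authorization: Token auth_token=<32 hex characters>
# Anything else (other schemes, extra parameters, wrong length) is rejected.
HEADER_FORMAT = /\AToken auth_token="?(\h{32})"?\z/

# Compare two strings without stopping at the first differing byte, so the
# response time does not reveal how much of a guess was correct.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns the user id for a valid header, or nil when the header is missing,
# malformed, or carries an unknown token.
def authenticate_header(header)
  match = HEADER_FORMAT.match(header.to_s)
  return nil unless match

  candidate = Digest::SHA256.hexdigest(match[1])
  TOKEN_DIGESTS.each do |stored, user_id|
    return user_id if secure_compare(stored, candidate)
  end
  nil
end
```

A caller would treat a `nil` result as an unauthenticated request and only establish a session for a returned user id.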