i trying make rails web app along rails api mobile app. purpose using devise along devise token auth.
i configured routes written in devise token auth gem have routes regular devise , devise auth token.
i have 2 problems:
- when add include devisetokenauth::concerns::setuserbytoken application_controller overwrites devise
authenticate_user!, on web side being aunthenticated token.
possible solution: created separet apiapplicationcontroller api controllers inherit.
class apiapplicationcontroller < actioncontroller::base include devisetokenauth::concerns::setuserbytoken protect_from_forgery with: :null_session end - for each post request in curl api need add csrf token.
possible solution: add both applictioncontroller , apiapplicationcontroller if: proc.new { |c| c.request.format == 'application/json' } after protect_from_forgery with: :null_session
i used same problem yours, solution working:
# application_controller.rb class applicationcontroller < actioncontroller::base protect_from_forgery with: :null_session, if: ->{request.format.json?} end # api_application_controller.rb class apiapplicationcontroller < actioncontroller::base include devisetokenauth::concerns::setuserbytoken before_action :authenticate_user! end 
Comments
Post a Comment