Rails always returning 401 when using ember-cli-simple-auth-devise

1
votes

Very new to programming in general, little experience with Rails and very little to no experience with ember. I may be taking embers "build ambitious web apps" too ambitiously at the moment. I can not get authentication with Devise setup properly. It is always returning 401 when trying to authenticate via ember and for some reason when I make some of the required changes for ember-simple-auth to work via the github page, my rails "flash messages" start error out. As in when I visit /users/sign_in via the browser for html. More detail on that after I show the code I feel is relevant. Let me know what else I need to post if I leave anything out.

I'm using the following setup:

  • ember-cli: 0.1.15

  • ember-cli-simple-auth: 0.7.3

  • ember-cli-simple-auth-devise: 0.7.3

do I need both simple-auth and simple-auth-devise, or does ember-cli-simple-auth-devise encompass/contain ember-cli-simple-auth?

  • rails: 4.2.0

  • devise: 3.4.1

Ember Code

config/environment.js



    ENV['simple-auth'] = {
      authorizer: 'simple-auth-authorizer:devise',
    };

    ENV['simple-auth-devise'] = {
      crossOriginWhitelist: ['*'],
      //serverTokenEndpoint: 'http://localhost:3000/users/sign_in'
      //I have tried it both with and with out serverTokenEndpoint
    };

app/controllers/login.js



       import Ember from 'ember';
       import LoginControllerMixin from 'simple-auth/mixins/login-controller-mixin';

        export default Ember.Controller.extend(LoginControllerMixin, {
          authenticator: 'simple-auth-authenticator:devise'
        });



app/routes/application.js

    import Ember from 'ember';
    import ApplicationRouteMixin from 'simple-auth/mixins/application-route-mixin';

    export default Ember.Route.extend(ApplicationRouteMixin);

app/routes/protected.js



    import Ember from 'ember';
    import AuthenticatedRouteMixin from 'simple-auth/mixins/authenticated-route-mixin';

    export default Ember.Route.extend(AuthenticatedRouteMixin);

app/templates/login.hbs



    
        Login
        {{input value=identification placeholder='Enter Login'}}
        Password
        {{input value=password placeholder='Enter Password' type='password'}}
        Login

Rails Code

app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  #commented the following out to rule it out.
  #protect_from_forgery with: :null_session

  before_filter :authenticate_user_from_token!

  before_filter :authenticate_user!

  def authenticate_user_from_token!
    authenticate_with_http_token do |token, options|
      user_email = options[:user_email].presence
      user = user_email && User.find_by_email(user_email)

      if user && Devise.secure_compare(user.authentication_token, token)
        sign_in user, store: false
      end
    end
  end

end

app/controllers/sessions_controller.rb

class SessionsController < Devise::SessionsController
  respond_to :html, :json

  def create
    super do |user|
      if request.format.json?
        data = {
          token:      user.authentication_token,
          user_email: user.email
        }
        render json: data, status: 201 and return
      end
    end
  end
end

app/models/user.rb

class User < ActiveRecord::Base

  before_save :ensure_authentication_token
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  def ensure_authentication_token
     if authentication_token.blank?
       self.authentication_token = generate_authentication_token
     end
   end

   private

     def generate_authentication_token
       loop do
         token = Devise.friendly_token
         break token unless User.where(authentication_token: token).first
       end
     end

end

config/routes.rb

  resources :specials

  #devise_for :users
  devise_for :users, controllers: { sessions: 'sessions' }

  root to: 'specials#index'

When I submit the ember login form no matter what I submit I receive back:

Started POST "/users/sign_in" for 127.0.0.1 at 2015-03-04 19:50:57 -0500
Processing by SessionsController#create as JSON
  Parameters: {"user"=>{"password"=>"[FILTERED]", "user_email"=>"[email protected]"}}
Completed 401 Unauthorized in 7ms

If I visit http://localhost:3000/users/sign_in I receive the following:

/app/views/layouts/application.html.erb where line #11 raised:

undefined method `flash' for #<ActionDispatch::Request:0x007fec37dfe708>

app/views/layouts/application.html.erb

<p class="notice"><%= notice %></p>
<p class="alert"><%= alert %></p>
<%= yield %>

this error appeared after I made the advised changes from https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-devise

1
ruby-on-railsdeviseember-cli

1 Answers

1
votes

This an issue that has been fixed by https://github.com/simplabs/ember-simple-auth/pull/456. Just update your app/controllers/application_controller.rb and your app/controllers/sessions_controller.rb according to the revised https://github.com/simplabs/ember-simple-auth/blob/master/packages/ember-simple-auth-devise/README.md. Also add

identificationAttributeName: 'email'

to ENV['simple-auth-devise'] in config/environment.js. This last addition can be removed again, onces the changes of the pull request are released.