Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

access-token provided but disappears #153

Closed
dekz opened this issue May 27, 2015 · 2 comments
Closed

access-token provided but disappears #153

dekz opened this issue May 27, 2015 · 2 comments

Comments

@dekz
Copy link

dekz commented May 27, 2015

Hi Lynn,

I'm library some strange issues with using the library, in conjunction with the devise_token_auth.

From what I can see in Postman, the headers are being returned:

screen shot 2015-05-27 at 4 43 08 pm

I can confirm this in the Chrome dev tools network as well:

screen shot 2015-05-27 at 4 44 12 pm

But nothing is written to Local Storage, or the Cookies if I try that method. I added an interceptor and it seems to return undefined for the header as well.

.config(function($authProvider, $httpProvider) {
  $httpProvider.interceptors.push(function($q, $injector)  {
    return {
     'request': function(config) {
       return config || $q.when(config)
      },

      'response': function (response, $auth) {
        console.log('interceptor response', response)
        console.log('interceptor response', response.headers('access-token'))
        return response || $q.when(response);
      }
    };
  });

I am even trying a special handleLoginResponse:

      handleLoginResponse: function(response, $auth) {
        console.log("response");
        console.log(response);
        $auth.persistData('auth_headers', {

          // save the token
          'Authorization': 'Bearer ' + response['access_token'],

          // convert the expiry value into a date that this module understands
          'expiry': new Date().getTime() + response['expires_in']
        });
        return response.data;
      },

I get a 200 with a serialized user model (no auth_token in the serialized user model) when I sign in, just something weird happens in between!

screen shot 2015-05-27 at 4 49 22 pm
@dekz
Copy link
Author

dekz commented May 27, 2015

That Access-Expose-Headers looks suspiciously empty... My CORS in Rails is:

    config.middleware.insert_before 0, "Rack::Cors" do
      allow do
        origins '*'
        resource '*',
          :headers => :any,
          :expose  => ['access-token', 'expiry', 'token-type', 'uid', 'client'],
          :methods => [:get, :post, :options, :delete, :put]
      end
    end

@dekz
Copy link
Author

dekz commented May 27, 2015

Sorry mate this was totally an issue with me, for some reason the expose isn't working in CORS with that code.

    config.action_dispatch.default_headers = {
      'Access-Control-Expose-Headers' => ['access-token', 'expiry', 'token-type', 'uid', 'client'].join(',')
    }

That forces it to happen without the CORS gem.

@dekz dekz closed this as completed May 27, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dekz