2

I am trying to use devise_token_auth with jsonapi-resources. I have it set up where I can create users and sign in, but I cannot figure out how to access a controller that has needs to authenticate a user first. Here is my controller that I am trying to require authentication:

class FriendsController < JSONAPI::ResourceController
  include DeviseTokenAuth::Concerns::SetUserByToken
  before_action :authenticate_user!
end

When I try localhost:3000/friends, I get a 401 "Authorized users only." error, so I think it works. I think my main problem is Im not sure what to do with the access-token I get when I sign in. I have tried setting it in the header in my request, but still get the same "Authorized users only" error.

Caleb Sayre
  • 401
  • 1
  • 4
  • 12

2 Answers2

2

Better a late answer than none... devise_token_auth and jsonapi_resources work pretty well for me in a test setup. But, you need to set the request header correctly. It is not enough to transmit the "auth-token" header, you also heave to transmit the "client" token, the "uid" and the "token-type" header as well. Although I'm not entirely sure if the latter is actually required.

Markus Buschhoff
  • 176
  • 7
0

Devise token authentication is quite independent of jsonapi-resources. If you can get token authentication working (as explained in this answer, for example: Custom devise api token auth) you can simply extend your controller (or your ApplicationController) with the authentication concern and it should behave as a normal Rails controller would.

Community
  • 1
  • 1
davidgoli
  • 2,436
  • 1
  • 16
  • 13