16

So, I found gems like pretender, user_impersonate2 and switch_user. They all seem to accomplish the similar goal - switching current_user for systems like Devise, for "monolith" Rails apps.

I have a React client talking to a Rails app. The admin page is implemented directly in Rails (it's a view), and the client is separated. Currently, client makes POST requests to Devise routes that provide an access_token via devise-jwt, and saves the token in browser's localstorage.

Is there a recommended way on allowing administrators to log in as users and be redirected from the admin (Rails) page to the client (React) page? Preferably with minimum changes to the frontend code, but I can make do with that.

I thought about sharing cookies via a shared root domain, but that smells of security issues to me.

I'm not sure how can I make the client app to "listen" for the token change made in the Rails app, or any similar way of changing the current user from the client's perspective.

Oleksii Filonenko
  • 1,551
  • 1
  • 17
  • 27
  • 3
    Hi, I know it's been a while but did you manage to implement this feature? Did you maybe try any of those gems you listed above? – zauzaj Aug 18 '20 at 13:16
  • I don't know what your token expiration policies look like, but isn't it possible to serve the user's JWT to the admin page and have some JS on the front-end side simply make an HTTP 1.1 request with `Set-Cookie: foo_bar` or something similar? It really just depends on token expiry - unless I'm missing something. – Kevin Maze Sep 08 '22 at 21:45
  • You really don't talk about the behavior you want. Or at least I don't get it. Does the user have 2 windows open? You want the client view to change when the admin view changes users? Or do you want the user on the admin page to be redirected to the client page when they select a new user? Or you want it to open a new window when they select a new user? And you want the user to stick to that window only or all windows? The behavior you want will likely affect the implementation. – kwerle Jul 08 '23 at 19:12

0 Answers0