Hitting the API with an expired authorization_token redirects and breaks COORS.

joatuapp / joatu-app

The JoatU application, written in Ruby on Rails and ChaplinJS.

GNU Affero General Public License v3.0

8 stars 3 forks source link

Hitting the API with an expired authorization_token redirects and breaks COORS. #28

Open undergroundwebdesigns opened 9 years ago

undergroundwebdesigns commented 9 years ago

If the frontend sends an expired or otherwise invalid authorization_token, the API gets caught in a redirect which breaks COORS. Likely a case where we need to over-ride Devise default behaviour for this case.