search

kylecorbelli / redux-token-auth

Redux actions and reducers to integrate easily with Devise Token Auth
MIT License
154 stars 80 forks source link

missing userAttributes in axios response after sign in. #27

Closed DonGiulio closed 6 years ago

DonGiulio commented 6 years ago

I'm trying to setup token auth with devise_token_auth and redux-token-auth,

I'm finding troubles in getting the tokens to the client.

I've traced everything down to this axios call, which supposedly retrieves the headers and persists them in storage with persistAuthHeadersInLocalStorage.

I traced the response in my browser, and here is the response headers:

HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://localhost:3000
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Expose-Headers: 
Access-Control-Max-Age: 1728000
Content-Type: application/json; charset=utf-8
access-token: 8bpg8pp2FRKhvcScQUIgxg
token-type: Bearer
client: TBb9IT84WDuLsM5oz2FrrA
expiry: 1519832141
uid: example@email.com
ETag: W/"fb799992d4bd7543a5b87ff6b7336c6a"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 19ec6d96-4723-4e4a-a8e5-3aed95a04cb4
X-Runtime: 0.309355
Vary: Origin
Transfer-Encoding: chunked

and the response body is: 

{
  "data": {
    "id": 28,
    "email": "example@email.com",
    "provider": "email",
    "uid": "example@email.com"
  }
}

I added some logging to the response in the form of: 

console.log("RESPONSE " + JSON.stringify(response))

and this the response object I get is this: 

{
  "data": {
    "data": {
      "id": 28,
      "email": "example@email.com",
      "provider": "email",
      "uid": "example@email.com"
    }
  },
  "status": 200,
  "statusText": "OK",
  "headers": {
    "content-type": "application/json; charset=utf-8",
    "cache-control": "max-age=0, private, must-revalidate"
  },
  "config": {
    "transformRequest": {},
    "transformResponse": {},
    "timeout": 0,
    "xsrfCookieName": "XSRF-TOKEN",
    "xsrfHeaderName": "X-XSRF-TOKEN",
    "maxContentLength": -1,
    "headers": {
      "Accept": "application/json, text/plain, */*",
      "Content-Type": "application/json;charset=utf-8"
    },
    "method": "post",
    "url": "http://localhost:5000/auth/sign_in",
    "data": "{\"email\":\"example@email.com\",\"password\":\"password\"}"
  },
  "request": {}
}

no traces of several headers, especially the access-token one which is the one I need for the token authorisation.

any clues where that would be?

DonGiulio commented 6 years ago

I also double checked back end (using Postman) and front end (using an express server) in isolation, I confirm that Postman receives the parameters from the back end, and somehow Axios doesn't receive. Here's the code of my express server: 

const express = require("express");
var cors = require("cors");

const app = express();

app.use(cors());

app.post("/auth/sign_in", (req, res) => {
  res.header({
    "access-token": "8bpg8pp2FRKhvcScQUIgxg",
    uid: "example@email.com",
    client: "TBb9IT84WDuLsM5oz2FrrA",
    expiry: "1519832141"
  });

  res.json({
    data: { errors: { email: "wrong", password: "ugly" } }
  });
});

app.listen(5000, () => console.log("Example app listening on port 5000!"));
DonGiulio commented 6 years ago

I seem to have figured it out, it wasn't a problem with the client, the CORS configuration needed to explicitly expose the extra headers with: 

    expose:  ['access-token', 'expiry', 'token-type', 'uid', 'client'],
fkotsian commented 6 years ago

You, sir, are awesome. Just calling this out in case it helps anyone else

cdesch commented 6 years ago

@DonGiulio what was your devise_token_auth config? I'm getting similar errors where I can POST to devise_auth_token using j-token but cannot via redux-token-auth