kylecorbelli / redux-token-auth

Redux actions and reducers to integrate easily with Devise Token Auth
MIT License
154 stars 80 forks source link

confirm_success_url not in params - preventing post request #55

Closed leenyburger closed 5 years ago

leenyburger commented 5 years ago

I'm using redux-token-auth with devise_token_auth. I can post to http://localhost:3000/api/v1/auth using curl or with Postman.

When I try to post to http://localhost:3000/api/v1/auth in my React class the request returns

Started POST "/api/v1/auth" for 127.0.0.1 at 2018-12-20 15:48:46 -0500
Processing by DeviseTokenAuth::RegistrationsController#create as JSON
  Parameters: {"email"=>"sdfafsadfasdf@email.com", "password"=>"[FILTERED]", "full_name"=>"supersecret", "registration"=>{"email"=>"sdfafsadfasdf@email.com", "password"=>"[FILTERED]", "full_name"=>"supersecret"}}
Unpermitted parameters: :format, :registration
Unpermitted parameters: :format, :registration
Unpermitted parameters: :format, :registration
Completed 422 Unprocessable Entity in 126ms (Views: 7.1ms | ActiveRecord: 0.0ms)

I THINK this is because there is no confirm_success_url parameter. If I remove this param from my postman request it fails. I have set confirm_success_url in config/initializers/devise_token_auth.rb config.default_confirm_success_url = 'https://www.google.com'

My SignUpForm.js

  submitForm = (event) => {
    event.preventDefault();
    const { registerUser } = this.props
    const {
      email,
      full_name,
      password,
      password_confirmation
    } = this.state

    registerUser({ email, full_name, password, password_confirmation })
      .then(() => {
        console.log('Good job')
      })
      .catch(error => { console.log('error' + error.message) })
  }

Is registerUser not sending the param correctly?

A workaround:

  1. Add confirm_success_url to userRegistrationAttributes in redux-token-auth-config
  2. Add confirm_success_url to state in the React SignUpForm
  3. Update the registerUser call to registerUser({ email, full_name, password, password_confirmation, confirm_success_url }) Param does not need to be whitelisted