lynndylanhurley / devise_token_auth

Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth.
Do What The F*ck You Want To Public License

No header for username with dash #1279

Open Herz3h opened 5 years ago

Herz3h commented 5 years ago

    def update_auth_header
        # cannot save object if model has invalid params
        return unless @resource && @resource.valid? && @client_id

        # Generate new client_id with existing authentication
        @client_id = nil unless @used_auth_by_token

        if @used_auth_by_token && !DeviseTokenAuth.change_headers_on_each_request
            # should not append auth header if @resource related token was
            # cleared by sign out in the meantime
            return if @resource.reload.tokens[@client_id].nil?

            auth_header = @resource.build_auth_header(@token, @client_id)

            # update the response header
            response.headers.merge!(auth_header)

        else

            # Lock the user record during any auth_header updates to ensure
            # we don't have write contention from multiple threads
            @resource.with_lock do
                # should not append auth header if @resource related token was
                # cleared by sign out in the meantime
                return if @used_auth_by_token && @resource.tokens[@client_id].nil?

                # determine batch request status after request processing, in case
                # another process has updated it during that processing
                @is_batch_request = is_batch_request?(@resource, @client_id)

                auth_header = {}

                # extend expiration of batch buffer to account for the duration of
                # this request
                if @is_batch_request
                    auth_header = @resource.extend_batch_buffer(@token, @client_id)

                    response.headers.merge!(auth_header)
                else
                    # update Authorization response header with new token
                    auth_header = @resource.create_new_auth_token(@client_id)

                    # update the response header
                    response.headers.merge!(auth_header)
                end

            end # end lock

        end

    end

The above code was changed from this commit

Now if you create a username with a dash, for instance: my-username

The API does not return uid/accessToken/client headers.

MaicolBen commented 5 years ago

That's an old version, but I don't think we changed anything related to that in recent versions. I am not following your error. Where do we look for the username in that method? Was the user registered correctly?