React on Rails with Devise Token Auth

[danilomartinelli]

Hey guys, I am tring to use the framework React on Rails with devise otken auth lib, I need to pass the authorization headers as cookies to use server side :authenticate_api_user! and current_api_user, I enabled the cookie configuration and set the access-token as cookie, but I got a error unexpected token

• Version: gem 'devise_token_auth', :git => 'https://github.com/lynndylanhurley/devise_token_auth.git', :branch => 'master'

• Request and response headers: Cookie: _todo_list_session=YLuAkCaUURwJ7QUl2zqQEIFn5d8pqkyGUvTxwulSeh7%2BHuu0AGWaaso6rE6InPoCeMZpeKXSGBqYfa%2FviRsVqLB%2BGmTAwOQpAmpM%2FAJdqxVLPFEGYjLS4EwyPYQXTDk3dbN8GbYS59J4%2FeSW0CnEfE4W8wDgiXhm%2B1GeXnTzTfxox%2Bk%2FnJMqCwmE6iOKmwkqtGKCtWI7zdKcyThicAqRiSln6TibbRYJl%2BJQB5OcozkU%2FAQCfrFlT64CF0UXTHf3ZdoMnAVhmatoocM8xVtSkyG7JUj0sUHJEro%3D--yUrsvamsFMQvmIz0--q7g1Twpfut5M9JpBRb3Ksw%3D%3D; access-token=hwJhzsgOQXBLlFjWWa0aZg; client=NPY-6oM4LBmkr3yllu4j-g; uid=danilomartinelli429%40gmail.com; expiry=1647612276; token-type=Bearer

• Rails Stacktrace: 783: unexpected token at 'hwJhzsgOQXBLlFjWWa0aZg'

• Custom Overrides: what have you done in terms of [custom controller overrides]

  config.cookie_enabled = true

  config.cookie_name = 'access-token'

  config.change_headers_on_each_request = false

• Custom Frontend: React on Rails

[mdodell]

I'm also having this same issue!

[theblang]

Hey @danilomartinelli ! Quick question, did you set any config.cookie_attributes? Also, could you add a screenshot of the Cookies tab in devtools for the /auth/sign_in request?

[danilomartinelli]

Hey @danilomartinelli ! Quick question, did you set any config.cookie_attributes? Also, could you add a screenshot of the Cookies tab in devtools for the /auth/sign_in request?

@theblang I didn't set cookie_attributes, What Do I need to set?

[theblang]

@danilomartinelli You can set any of the standard Rails attributes. If you're not setting expires, then I think Rails defaults to end of session.

[dberardo-com]

hi there, i hope this question is related:

• is it possible to set a cookie that is shared both by token auth and the regular devise controller, so that the user can authenticate in either one of the 2 ways and be authorized by both devise controllers?

so basically user can authenticate both via token "auth/" or via regular "users/sign_in" url and thanks to the shared cookie it will be authorized on both endpoints without need of relogin.

same would go for logout.