Resource mapping should be made dynamic?

mcordell / grape_devise_token_auth

Grape compatibility for devise_token_auth + devise + rails setup

MIT License

41 stars 29 forks source link

Resource mapping should be made dynamic? #17

Open hugobast opened 7 years ago

hugobast commented 7 years ago

I think there's an issue at this line: https://github.com/mcordell/grape_devise_token_auth/blob/90d24291e16d7656059eaba933302136dc49abbd/lib/grape_devise_token_auth/auth_headers.rb#L6

This assumes that warden keeps track of the user using :user.

While this helper: https://github.com/mcordell/grape_devise_token_auth/blob/master/lib/grape_devise_token_auth/auth_helpers.rb

Has it dynamically set.

hugobast commented 7 years ago

If someone comes here in search of answers as to why the headers are disappearing on the second request this is because devise mappings for a nested resource will have warden work with something that isn't :user. In my case I had warden map with api_user because it was namespaced under api. A fix for this looks simple here's what I did to my routes:

namespace :api, as: nil do
end

as: nil ensure that we won't get a namespaced resource mapping!