mikker / passwordless

🗝 Authentication for your Rails app without the icky-ness of passwords
MIT License
1.26k stars 87 forks

Errors on Rails 6 API Application #84

Closed typhoon2099 closed 4 years ago

typhoon2099 commented 4 years ago

Trying to log in but I get the following error:

#<ActionController::RoutingError: undefined method `helper' for Passwordless::ApplicationController:Class>

Does this gem work on Rails 6 and/or API only applications?

mikker commented 4 years ago

Looks like it doesn't 😊

We could probably fix this with helper ... if defined?(helper)?

typhoon2099 commented 4 years ago

I guess that would work. Wouldn't that just end up breaking some other functionality?

typhoon2099 commented 4 years ago

Flash isn't included with Rails API projects. I'm not sure if cookies is either, I'd have to check, but it doesn't look to be setting any cookies when I sign in, and when I try to sign in with the same link to test login reuse I get undefined local variable or method `flash' for #.

mikker commented 4 years ago

Sounds like you'll have a nicer time building your own controller actions for this. I just did so in one of my own apps actually. Just use all the parts of passwordless that fit but...

  1. Don't do passwordless_for :users in routes.rb
  2. Do set Passwordless.mounted_as = User manually

How do you plan on keeping the session info without session? You're already pretty much on your own with an API style app 😅

typhoon2099 commented 4 years ago

Yeah, I'll have to customise that controller to get what I need. I think what I need to do to use this with an API is to configure passwordless to send a link to the frontend app, which will then contact the right Passwordless sign_in endpoint and, on a successful response, set a cookie to use for authentication.

What's supposed to happen on the frontend after authentication usually? Does the sign_in endpoint send back a cookie to set in the browser? I'm not seeing that happening, which I assume is due to a missing Rails plugin.

EDIT: Yes, I've added ActionDispatch::Cookies and ActionDispatch::CookieStore to the application config and it's setting cookies properly.

danjebs commented 4 years ago

@typhoon2099 did you manage to get this working?

If so, any pointers would be appreciated :)

typhoon2099 commented 4 years ago

@danjebs I got it working by adding ActionDispatch::Cookies and ActionDispatch::CookieStore. It doesn't really fit well with an API so I'm currently working on forking passwordless and creating a version that doesn't rely on cookies and instead returns an authentication token to send with future API requests. The goal is to include all of the features in passwordless, so once I've figured out the token claiming part (and possibly migrated from Minitest to RSpec), I'll get something pushed.

danjebs commented 4 years ago

@typhoon2099 gotcha, thanks for the quick reply. I was wondering if you had gotten it working without cookies. For now, I'll roll my own with JWT, but I'll be interested to see what you come up with.

typhoon2099 commented 4 years ago

I wondered about using JWT but I've decided against it because managing revocations seems like it will slowly become a nightmare. I'm working on a smaller hobby project and I think that a simple Bearer token should be enough, and allow me to more easily withdraw authorisation as required.
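The opaque bearer-token approach discussed in the comments above, sketched as an added example (not code from passwordless or from anyone in this thread). `BearerTokenStore`, its method names and the in-memory Hash standing in for a database table are all hypothetical; the point is that the server keeps only a digest of each token, so revocation is a single write.

```ruby
require "securerandom"
require "digest"

# Hypothetical store; the Hash stands in for a database table of API sessions.
class BearerTokenStore
  Session = Struct.new(:user_id, :expires_at, :revoked)

  def initialize(ttl: 3600, clock: -> { Time.now })
    @ttl = ttl
    @clock = clock
    @sessions = {} # SHA-256 digest of token => Session
  end

  # Call once the sign-in link has been claimed. The raw token goes to the
  # client exactly once; only its digest is kept server-side.
  def issue(user_id)
    token = SecureRandom.urlsafe_base64(32)
    @sessions[digest(token)] = Session.new(user_id, @clock.call + @ttl, false)
    token
  end

  # Resolve an Authorization header value to a user id, or nil.
  def authenticate(header)
    token = header.to_s[/\ABearer ([A-Za-z0-9_\-]+)\z/, 1]
    return nil unless token
    session = @sessions[digest(token)]
    return nil if session.nil? || session.revoked
    return nil if @clock.call >= session.expires_at
    session.user_id
  end

  # Withdraw a single token; returns false if the token is unknown.
  def revoke(token)
    session = @sessions[digest(token)]
    session.revoked = true if session
    !session.nil?
  end

  # Withdraw every live token for a user; returns how many were revoked.
  def revoke_all_for(user_id)
    live = @sessions.values.select { |s| s.user_id == user_id && !s.revoked }
    live.each { |s| s.revoked = true }
    live.size
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```
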

mikker commented 4 years ago

Closing this as it seems like you either worked something out or used something else? Feel free to reopen.