Knock::AuthTokenController and auth parameter validation - Githubissues

nsarno / knock

Seamless JWT authentication for Rails API

MIT License

2.07k stars 253 forks source link

Knock::AuthTokenController and auth parameter validation #181

Open poulet42 opened 7 years ago

poulet42 commented 7 years ago

To reproduce :

Setup Knock
Generate a token controller rails generate knock:token_controller XXX
Send a post request with a string parameter called auth to the generated endpoint

Expected response : Status 4XX -> Bad parameters = Client issue

Actual response : Status 500 - Internal Server Error

spaquet commented 7 years ago

Just a quick question. You hcave XXX after token_controller. Did you change it by the model you plan to use (User or else)?

poulet42 commented 7 years ago

@spaquet Yes, I'm using my User model

jondoe1337 commented 6 years ago

Can confirm this. I would expect a 403 to be returned.