search

FAQ

hashtag
I have missing headers or issues with batch requests

Try disabling change_headers_on_each_request, it's a nice to have security enhancement but not crucial. If you are curious, you can check how we manage the tokens and batch requests

hashtag
Can I use this gem alongside standard Devise?

Yes! But you will need to enable the support of separate routes for standard Devise. So do something like this:

hashtag
config/initializers/devise_token_auth.rb

DeviseTokenAuth.setup do |config|
  config.enable_standard_devise_support = true
end

hashtag
config/routes.rb

Rails.application.routes.draw do

  # standard devise routes available at /users
  # NOTE: make sure this comes first!!!
  devise_for :users

  # token auth routes available at /api/v1/auth
  namespace :api do
    scope :v1 do
      mount_devise_token_auth_for 'User', at: 'auth'
    end
  end

end

hashtag
Another method for using this gem alongside standard Devise (updated May 2018)

Some users have been experiencing issues with using this gem alongside standard Devise, with the config.enable_standard_devise_support = true method.

Another method suggested by jotoloarrow-up-right is to have separate child application_controller.rb files that use either DeviseTokenAuth or standard Devise, which all inherit from a base application_controller.rb file. For example, you could have an api/v1/application_controller.rb file for the API of your app (which would use Devise Token Auth), and a admin/application_controller.rb file for the full stack part of your app (using standard Devise). The idea is to redirect each flow in your application to the appropriate child application_controller.rb file. Example code below:

hashtag
controllers/api/v1/application_controller.rb

Child application controller for your API, using DeviseTokenAuth.

hashtag
controllers/admin/application_controller.rb

Child application controller for full stack section, using standard Devise.

hashtag
controllers/application_controller.rb

The base application controller file. If you're using CSRF token protection, you can skip it in the API specific application controller (api/v1/application_controller.rb).

hashtag
config/initializers/devise_token_auth.rb

Keep the enable_standard_devise_support configuration commented out or set to false.

hashtag
Why are the new routes included if this gem doesn't use them?

Removing the new routes will require significant modifications to devise. If the inclusion of the new routes is causing your app any problems, post an issue in the issue tracker and it will be addressed ASAP.

hashtag
I'm having trouble using this gem alongside ActiveAdminarrow-up-right...

For some odd reason, ActiveAdminarrow-up-right extends from your own app's ApplicationController. This becomes a problem if you include the DeviseTokenAuth::Concerns::SetUserByToken concern in your app's ApplicationController.

The solution is to use two separate ApplicationController classes - one for your API, and one for ActiveAdmin. Something like this:

hashtag
How can I use this gem with Grape?

You may be interested in GrapeTokenAutharrow-up-right or GrapeDeviseTokenAutharrow-up-right.

hashtag
How can I use this gem with Solidus/Spree?

You may be interested in solidus_devise_token_autharrow-up-right.

hashtag
I already have a user, how can I add the new fields?

  1. First, remove the migration generated by the following commandrails g devise_token_auth:install [USER_CLASS] [MOUNT_PATH] and then:.

  2. Create another fresh migration:

hashtag
I want to add a new param for sign up and account update

Override the controllerarrow-up-right and describe the new parameters you want to add in the configure_permitted_parameters method.

When creating an account, add params under sign_up.

When updating your account, add params under account_update.

For example:

PreviousTestingNextConceptual Diagrams

Last updated