FAQ
Last updated
Last updated
Try disabling change_headers_on_each_request
, it's a nice to have security enhancement but not crucial. If you are curious, you can check how we
Yes! But you will need to enable the support of separate routes for standard Devise. So do something like this:
Some users have been experiencing issues with using this gem alongside standard Devise, with the config.enable_standard_devise_support = true
method.
Child application controller for your API, using DeviseTokenAuth.
Child application controller for full stack section, using standard Devise.
The base application controller file. If you're using CSRF token protection, you can skip it in the API specific application controller (api/v1/application_controller.rb
).
Keep the enable_standard_devise_support
configuration commented out or set to false
.
new
routes included if this gem doesn't use them?Removing the new
routes will require significant modifications to devise. If the inclusion of the new
routes is causing your app any problems, post an issue in the issue tracker and it will be addressed ASAP.
The solution is to use two separate ApplicationController
classes - one for your API, and one for ActiveAdmin. Something like this:
First, remove the migration generated by the following commandrails g devise_token_auth:install [USER_CLASS] [MOUNT_PATH]
and then:.
Create another fresh migration:
When creating an account, add params under sign_up
.
When updating your account, add params under account_update
.
For example:
Another method suggested by is to have separate child application_controller.rb
files that use either DeviseTokenAuth or standard Devise, which all inherit from a base application_controller.rb
file. For example, you could have an api/v1/application_controller.rb
file for the API of your app (which would use Devise Token Auth), and a admin/application_controller.rb
file for the full stack part of your app (using standard Devise). The idea is to redirect each flow in your application to the appropriate child application_controller.rb
file. Example code below:
For some odd reason, extends from your own app's ApplicationController
. This becomes a problem if you include the DeviseTokenAuth::Concerns::SetUserByToken
concern in your app's ApplicationController
.
You may be interested in or .
You may be interested in .
and describe the new parameters you want to add in the configure_permitted_parameters method.