Comments (6)
Ok! So, as described in the Readme file, support for standard devise together with this gem is experimental and I know for a fact that some things might misbehave. But in general, there's usually a way to make it work. But for your main problem, this is the best solution I have found and the one I use (kind of) https://devise-token-auth.gitbook.io/devise-token-auth/faq#another-method-for-using-this-gem-alongside-standard-devise-updated-may-2018
So what happens is that we inherit from devise token auths controller, they inherit from Devise, and Devise inherits from your App's ApplicationController
. And we can't change that in this gem (maybe in the future). So the gist of the solution is as follows:
Have a naked ApplicationController
that doesn't protect from forgery or any other thing you might already have on your application controller.
Create a new controller for the full-stack side (mine is called ApplicationMainController
) than inherits from application controller
ApplicationMainController < ApplicationController
Then make every full-stack controller in your app inherit from the new ApplicationMainController
. Make ApplicationMainController protect_from_forgery and everything you need for the full-stack app.
And then create another API controller that you probably already have that could go like this:
ApiController < ApplicationController
And that should do it, the main thing about this is having ApplicationController
as plain as possible, specially not protecting from forgery.
I know it works! But let me know if I was unclear about something.
from graphql_devise.
Hey @single-stop-rj! I see what's going on there. So you are running this API alongside a regular full-stack rails app? If so, do you use standard devise there?
from graphql_devise.
It all makes sense now. Ok. Thank you so much.
from graphql_devise.
Yes. Thats exactly what I have!
I also have added the config item
config.enable_standard_devise_support = true
in the init file, if that helps.
from graphql_devise.
Mmm just an additional note @single-stop-rj what I suggested will actually remove forgery_protection from your standard devise controllers, which is not ideal. I'll see what we can do in this gem to not force you to do that.
from graphql_devise.
@single-stop-rj #93 will take care of this, forgery_protection should not be a problem anymore and you don't have to change anything in order to avoid it. But, if you are using regular devise and if you were calling before_action :authenticate_user!
in your ApplicationController
, you will still need to change your controller structure as I described before.
from graphql_devise.
Related Issues (20)
- Override `graphql_name` to allow for shared mutations HOT 2
- GraphQL::Schema::DuplicateNamesError HOT 5
- how to set current_resource for both authenticated and unauthenticated fields HOT 1
- Support for ruby-graphql v2 HOT 3
- A class must be provided when mounting a model. String values are no longer supported HOT 3
- Mount only necessary operations in existing schema. HOT 3
- Authenticate non-root fields HOT 6
- Cannot make it work with Mongoid HOT 5
- `context[:controller]` is nil when trying to login HOT 1
- Scoping auth tokens to more than one model HOT 1
- If expiry was in epoch seconds, it may be out of the range of INT. HOT 1
- Disable introspection HOT 1
- Support graphql v2.1 HOT 4
- NoMethodError: undefined method `resource=' for nil:NilClass HOT 5
- Add ability to customize raise_user_error_list and raise_user_error_list
- Add ability to customize raise_user_error_list method HOT 11
- Unable to set my message from #inactive_message method HOT 7
- NoMethodError: undefined method `case_insensitive_keys' for nil:NilClass HOT 5
- Is there a way to use the default devise template views? HOT 1
- Uninitialized constant `GraphqlDevise::SchemaPlugin` After trying to mount `graphql_devise` in my schema HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from graphql_devise.