Problem when using 2 types of authentication on same site #334
Labels
support request
This issue is a request for support using Simple Token Authentication.
Comments
gonzalo-bulnes
added
the
support request
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Can somebody explain why we need
ifcondition in this linesimple_token_authentication/lib/simple_token_authentication/exception_fallback_handler.rb
Line 8 in 2ea7d13
Here is my case: I working on web site, it have admin panel (active_admin) and I use classic
devisesolution for authentication via session. Other part of is a single-page application, so I start implementing REST API on backend for support this SPA. I decide to use token base authentication for REST API part, addacts_as_token_authentication_handler_for User, fallback: :exceptionSo I login via classic
devisesign_in view, then generate token and send it to SPA.When I make requests from SPA to my REST API with wrong credentials this request are still OK, it happens because exception is not throws in this line (see link above), reason of this is that
controller.send("current_#{entity.name_underscore}")returnUserinstance, because request from client also include cookies with session_id.The text was updated successfully, but these errors were encountered: