env['warden'] not working with Rails 5 -
im following guide create chatting feature use of websockets. https://www.sitepoint.com/rails-and-actioncable-adding-advanced-features/
im stuck problem env['warden'].user retuning nothing when im loggined app standard devise form.
and if use method (which commented now) - return wrong user
module applicationcable class connection < actioncable::connection::base identified_by :current_user def connect self.current_user = find_verified_user logger.add_tags 'actioncable', current_user.email end protected def find_verified_user # checks whether user authenticated devise verified_user = env['warden'].user if verified_user verified_user else reject_unauthorized_connection end end # def find_verified_user # user_id = request.headers['http_authorization'] # if verified_user = user.find_by(user_id) # verified_user # else # reject_unauthorized_connection # end # end end end logs says
started "/cable/" [websocket] 127.0.0.1 @ 2017-04-06 17:40:17 +0300 upgraded websocket (request_method: get, http_connection: upgrade, http_upgrade: websocket) unauthorized connection attempt rejected failed upgrade websocket (request_method: get, http_connection: upgrade, http_upgrade: websocket)
i found solution on article https://rubytutorial.io/actioncable-devise-authentication/
im not sure how works, deal. how people similar problem.
module applicationcable class connection < actioncable::connection::base identified_by :current_user def connect self.current_user = find_verified_user logger.add_tags 'actioncable', current_user.email end protected def find_verified_user verified_user = user.find_by(id: cookies.signed['user.id']) if verified_user && cookies.signed['user.expires_at'] > time.now verified_user else reject_unauthorized_connection end end end end and created /config/initializers/warden_hooks.rb file
warden::manager.after_set_user |user,auth,opts| scope = opts[:scope] auth.cookies.signed["#{scope}.id"] = user.id auth.cookies.signed["#{scope}.expires_at"] = 60.minutes.from_now end warden::manager.before_logout |user, auth, opts| scope = opts[:scope] auth.cookies.signed["#{scope}.id"] = nil auth.cookies.signed["#{scope}.expires_at"] = nil end
Comments
Post a Comment