Apply changes for rails-ujs and Turbo compatibility #5545
Conversation
JunichiIto
force-pushed
the
for-turbo-stream
branch
2 times, most recently
from
0fc795d
to
2d1ae92
Compare
JunichiIto
force-pushed
the
for-turbo-stream
branch
from
2d1ae92
to
683117d
Compare
JunichiIto
changed the title
|
@carlosantoniodasilva @rafaelfranca Hello, I'd appreciate if you would review my PR. |
|
@JunichiIto really appreciate your work here, but please be a bit patient. If anything there's breaking changes to consider. I'm looking into some current build failures before anything else, and we'll get to it. |
Treat `:turbo_stream` request format as a navigational format, much like HTML, so Devise/responders can work properly. Allow configuring the `error_status` and `redirect_status` using the latest responders features, via a new custom Devise responder, so we can customize the both responses to match Hotwire/Turbo behavior, for example with `422 Unprocessable Entity` and `303 See Other`, respectively. The defaults aren't changing in Devise itself (yet), so it still responds on errors cases with `200 OK`, and redirects on non-GET requests with `302 Found`, but new apps are generated with the new statuses and existing apps can opt-in. Please note that these defaults might change in a future release of Devise. PRs/Issues references: #5545 #5529 #5516 #5499 #5487 #5467 #5440 #5410 #5340 #5542 #5530 #5519 #5513 #5478 #5468 #5463 #5458 #5448 #5446 #5439
Treat `:turbo_stream` request format as a navigational format, much like HTML, so Devise/responders can work properly. Allow configuring the `error_status` and `redirect_status` using the latest responders features, via a new custom Devise responder, so we can customize the both responses to match Hotwire/Turbo behavior, for example with `422 Unprocessable Entity` and `303 See Other`, respectively. The defaults aren't changing in Devise itself (yet), so it still responds on errors cases with `200 OK`, and redirects on non-GET requests with `302 Found`, but new apps are generated with the new statuses and existing apps can opt-in. Please note that these defaults might change in a future release of Devise. PRs/Issues references: #5545 #5529 #5516 #5499 #5487 #5467 #5440 #5410 #5340 #5542 #5530 #5519 #5513 #5478 #5468 #5463 #5458 #5448 #5446 #5439
Treat `:turbo_stream` request format as a navigational format, much like HTML, so Devise/responders can work properly. Allow configuring the `error_status` and `redirect_status` using the latest responders features, via a new custom Devise responder, so we can customize the both responses to match Hotwire/Turbo behavior, for example with `422 Unprocessable Entity` and `303 See Other`, respectively. The defaults aren't changing in Devise itself (yet), so it still responds on errors cases with `200 OK`, and redirects on non-GET requests with `302 Found`, but new apps are generated with the new statuses and existing apps can opt-in. Please note that these defaults might change in a future release of Devise. PRs/Issues references: #5545 #5529 #5516 #5499 #5487 #5467 #5440 #5410 #5340 #5542 #5530 #5519 #5513 #5478 #5468 #5463 #5458 #5448 #5446 #5439
There was a problem hiding this comment.
Hey @JunichiIto, appreciate our work here.
I left a few thoughts below as I looked through the changes, but no need to change anything yourself here. I've been working on related changes #5548 on top of what you did here and a few other PRs/issues, to try to accommodate for turbo without making it a full breaking change, and integrating with responders. Your updates here were extremely helpful to get a better understanding of what was needed, and get that up and running, so thank you.
Please feel free to give that one a shot, and leave any feedback or issue you may encounter there. Let's also keep this open for now, it can be closed if / when that one gets merged. Thanks again.
| @@ -14,7 +14,7 @@ def create | |||
| if successfully_sent?(resource) | |||
| respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name)) | |||
| else | |||
| respond_with(resource) | |||
| respond_with resource, status: :unprocessable_entity | |||
There was a problem hiding this comment.
Note: We will be able to use responders to handle this for us across the board going forward.
Please see https://github.com/heartcombo/responders/blob/fb9f787055a7a842584ce351793b249676290090/CHANGELOG.md#unreleased (still unreleased at the time of this writing)
| @@ -38,6 +38,6 @@ | |||
|
|
|||
| <h3>Cancel my account</h3> | |||
|
|
|||
| <p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?" }, method: :delete %></p> | |||
| <p>Unhappy? <%= button_to "Cancel my account", registration_path(resource_name), data: { confirm: "Are you sure?", turbo_confirm: "Are you sure?" }, method: :delete %></p> | |||
There was a problem hiding this comment.
This looks like a good option to support both confirm options.
| @@ -20,6 +20,6 @@ | |||
|
|
|||
| <%- if devise_mapping.omniauthable? %> | |||
| <%- resource_class.omniauth_providers.each do |provider| %> | |||
| <%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), method: :post %><br /> | |||
| <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false } %><br /> | |||
There was a problem hiding this comment.
Yeah, I think the best option for this one might be a button since this is not something that should go through turbo I guess?
The only other option that could work would be two methods. (method: :post and data: { turbo_method: :post }), but again I'm not sure about the Turbo behavior for something like this so may be better to disable it entirely.
There was a problem hiding this comment.
As far as I tested, Turbo didn't work with OAuth because it raises CORS error.
Here is the result when I click the link generated via <%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), method: :post, data: { turbo_method: :post } %>:
So I had to change this line from link to button and add data: { turbo: false } option.
There was a problem hiding this comment.
Good point, I hadn't thought about CORS but yeah since it's all happening via JS it will trigger a CORS error when trying to follow the redirect with fetch under the hood.
button_to it is then, to support this correctly on all cases, since there's no way to do POST with turbo like rails-ujs does. Thanks!
| @@ -38,7 +38,7 @@ def respond | |||
| if http_auth? | |||
| http_auth | |||
| elsif warden_options[:recall] | |||
| recall | |||
| request_format == :turbo_stream ? redirect : recall | |||
There was a problem hiding this comment.
I am afraid that while redirecting works in the sense that it will re-display the form as expected, it will lose some context about the flash / error message and show the more generic "you need to be signed in" instead of the "invalid email or password".
Ideally we'd still recall, but change the status, so it has that same behavior.
Treat `:turbo_stream` request format as a navigational format, much like HTML, so Devise/responders can work properly. Allow configuring the `error_status` and `redirect_status` using the latest responders features, via a new custom Devise responder, so we can customize the both responses to match Hotwire/Turbo behavior, for example with `422 Unprocessable Entity` and `303 See Other`, respectively. The defaults aren't changing in Devise itself (yet), so it still responds on errors cases with `200 OK`, and redirects on non-GET requests with `302 Found`, but new apps are generated with the new statuses and existing apps can opt-in. Please note that these defaults might change in a future release of Devise. PRs/Issues references: #5545 #5529 #5516 #5499 #5487 #5467 #5440 #5410 #5340 #5542 #5530 #5519 #5513 #5478 #5468 #5463 #5458 #5448 #5446 #5439
|
@carlosantoniodasilva Thank you for your feedback. I'm glad to hear you've started working on #5548 and looking forward to the day when it gets released. |
|
The main branch should contain all that's necessary for fully working with Turbo now, based on the changes here and a few others. A new version will be released soon, but feel free to test it out from the main branch in the meantime, and report back on any issues. Thanks. |
Purpose
I want to use Devise easily for both Rails 6.1(rails-ujs) and Rails 7.0(Turbo). Typical steps are like this:
My PR enables it.
Notable changes
Status codes
Views
button_toto sign-out because it works for both rails-ujs and Turbo:link_toto sign-out, please choose one or the other:Example apps
I created example apps for Turbo and rails-ujs with my version of Devise. They also have system tests.
Please feel free ask me if you have any questions or requests.