Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

current_inviter produces 401 Unauthorized #297

Closed
nozpheratu opened this Issue · 4 comments

3 participants

@nozpheratu

My application has the following STI set-up:

class User < ActiveRecord::Base

  devise :database_authenticatable, :registerable, :rememberable, :trackable

end
class Instructor < User

  devise :invitable, :recoverable, :authentication_keys => [:username, :school_id]

end

My Instructor class is theone which implementing devise invitable. I'm also using the following devise_for calls:

devise_for :users, :skip => [:passwords, :registrations], :controllers => {:registrations => "registrations", :sessions => "sessions"}
devise_for :instructors, :skip => :sessions, :controllers => {:passwords => "passwords", :invitations => "invitations" }

I noticed that I would get a 401 Unauthorized whenever I made a call to the current_inviter method inside of my custom invitations controller. It seems the only way for me to fix this was to skip any callbacks making calls to it and replacing any instances of current_inviter with current_user, e.g,:

skip_filter :authenticate_inviter!
skip_filter :has_invitations_left?, :only => [:create]

def create
  self.resource = resource_class.invite!(resource_params, current_user)
  if resource.errors.empty?
    set_flash_message :notice, :send_instructions, :email => self.resource.email
    respond_with resource, :location => after_invite_path_for(resource)
  else
    respond_with_navigational(resource) { render :new }
  end
end

Testing a call to current_inviter while debugging I see the following exception:

ArgumentError: uncaught throw :warden

Let me know if there's anything else you need for reproducing.

@scambra
Owner

I think you should override authenticate_inviter! with next code instead of using current_user and skip_filter:

def authenticate_inviter! 
  authenticate_instructor! :force => true
end

If inviters are users, which invite instructors, then use this code:

def authenticate_inviter! 
  authenticate_user! :force => true
end

And add include DeviseInvitable::Inviter to User model

@scambra
Owner

No answer, closing

@scambra scambra closed this
@mhmaguire

I'm running into a similar issue. Was wondering if you could advise as to the best way to implement your above suggestions?

Thanks in advance!

@mhmaguire

Nervermind, figured it out based on your readme. Thanks again for your awesome devise extension!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.