devise_token_auth icon indicating copy to clipboard operation
devise_token_auth copied to clipboard

Published 20 hours ago verified publisher icon lynndylanhurley

Email confirmation route

Open eugenio1590 opened this issue 6 years ago • 13 comments

This is a question, not an issue. In the documentation, I do not find the route to resending the email confirmation instructions. The default route for the Devise library is POST /confirmation with the email parameter (access is with /confirmation/new route). Which is the route in this library?

eugenio1590 avatar Mar 14 '18 23:03 eugenio1590

Hey @eugenio1590 , what happens when you run rake routes - do you see it then?

zachfeldman avatar Mar 15 '18 14:03 zachfeldman

Hi @zachfeldman I can see the route:

new_api_v1_user_confirmation GET      /api/v1/auth/confirmation/new(.:format)             devise_token_auth/confirmations#new
api_v1_user_confirmation     GET      /api/v1/auth/confirmation(.:format)                 devise_token_auth/confirmations#show
                            POST      /api/v1/auth/confirmation(.:format)                 devise_token_auth/confirmations#create

But, when I access the first link, I get the following error: The action 'new' could not be found for DeviseTokenAuth::ConfirmationsController

And the second link: Routing Error Not Found

And the third link: The action 'create' could not be found for DeviseTokenAuth::ConfirmationsController

eugenio1590 avatar Mar 15 '18 15:03 eugenio1590

This is the ConfirmationsController on master: https://github.com/lynndylanhurley/devise_token_auth/blob/master/app/controllers/devise_token_auth/confirmations_controller.rb

It seems to be lacking some actions?

zachfeldman avatar Mar 17 '18 14:03 zachfeldman

...or not, depending on which endpoint you're hitting.

You can also override that controller and do something like binding.pry to debug what your request sends.

zachfeldman avatar Mar 17 '18 14:03 zachfeldman

Ok, I don't see the 'new' and 'create' actions in this controller. The problem is the following, this is my user case in my android application:

  1. The user does not have an account.
  2. The user presses the 'sign-up' button.
  3. The user enters their credentials (email and password).
  4. In the Rails server, the account is created and send a confirmation email to the user.
  5. The app tries to login with these credential, but display an information message about the email confirmation.

---The functionality is right until here---

Sometimes (due to my mail provider used in the Rails server), the confirmation email does not reach. I need to implement a way to resend this confirmation email, like the Devise library.

eugenio1590 avatar Mar 17 '18 17:03 eugenio1590

Sure! I'd accept a PR for a route.

zachfeldman avatar Mar 18 '18 19:03 zachfeldman

@eugenio1590 funny, I noticed the exact same thing last week, but I've not had a chance to report the issue.

The problem extends beyond just the confirmations#new and confirmations#create actions; there are also routes with missing actions for passwords#new, registrations#cancel, registrations#new, and registrations#edit too:

        new_user_password GET      /api/auth/password/new(.:format)     devise_token_auth_overrides/passwords#new
        
 cancel_user_registration GET      /api/auth/cancel(.:format)           devise_token_auth_overrides/registrations#cancel
    new_user_registration GET      /api/auth/sign_up(.:format)          devise_token_auth_overrides/registrations#new
   edit_user_registration GET      /api/auth/edit(.:format)             devise_token_auth_overrides/registrations#edit

I believe the routes come from Devise, which does include actions for those routes. This gem utilizes devise_for to add all the standard routes from Devise: https://github.com/lynndylanhurley/devise_token_auth/blob/7a83ada953ca0adaa311118725edca501e49974d/lib/devise_token_auth/rails/routes.rb#L28-L33

While DeviseTokenAuth::ApplicationController does inherit from DeviseController, the descendent controllers of DeviseTokenAuth::ApplicationController do not define all the actions of their respective counterparts in Devise.

This is visible in the class inheritance chain. For example, DeviseTokenAuth::ConfirmationsController has following (relevant) ancestors:

[
  DeviseTokenAuth::ConfirmationsController < DeviseTokenAuth::ApplicationController,
    DeviseTokenAuth::ApplicationController < DeviseController,
    DeviseController < Devise.parent_controller # => ApplicationController
]

Where Devise.parent_controller evaluates to your Rails app's ApplicationController.

I do wonder if the various DeviseTokenAuth controllers should instead inherit from their respective counterparts in Devise, with the shared code from DeviseTokenAuth::ApplicationController moved into a module. That would probably break a bunch of stuff though.

Evan-M avatar Mar 22 '18 02:03 Evan-M

@eugenio1590 did you solve that problem?

NSNJRGL avatar Sep 18 '18 09:09 NSNJRGL

Hi @Nasaakaa , apologize for the delay. Actually no, I have chosen to leave this functionality aside for now. I will be aware of the new changes in the library. Thanks.

eugenio1590 avatar Sep 19 '18 23:09 eugenio1590

@eugenio1590 thanks

NSNJRGL avatar Sep 20 '18 01:09 NSNJRGL

@eugenio1590 hi.. i know its been a long time.. but i have the same issue and i would like to know if you got a solution for this

jjla26 avatar Apr 23 '20 22:04 jjla26

@eugenio1590 hi.. i know its been a long time.. but i have the same issue and i would like to know if you got a solution for this

Hi @jjla26 I didn't find a solution to that. I preferred to use another endpoint to send the confirmation instructions email. But that wasn't a good solution. So, I did choose to leave this functionality aside.

eugenio1590 avatar Apr 24 '20 13:04 eugenio1590

@eugenio1590 I've been working on that and i found out the following.. i have these three routes from devise token auth:

new_api_user_confirmation GET /api/auth/confirmation/new(.:format) devise_token_auth/confirmations#new api_user_confirmation GET /api/auth/confirmation(.:format) devise_token_auth/confirmations#show POST /api/auth/confirmation(.:format) devise_token_auth/confirmations#create

The POST works for sending a new confirmation email.. you need to send the params email and the confirm_success_url...

So far so good... the problem now is that when you get the email and the confirm link was expire or already clicked you get an error and is because of the controller. They are throwing an exception:

`module DeviseTokenAuth class ConfirmationsController < DeviseTokenAuth::ApplicationController

def show
  @resource = resource_class.confirm_by_token(resource_params[:confirmation_token])

  if @resource.errors.empty?
    yield @resource if block_given?

    redirect_header_options = { account_confirmation_success: true }

    if signed_in?(resource_name)
      token = signed_in_resource.create_token
      signed_in_resource.save!

      redirect_headers = build_redirect_headers(token.token,
                                                token.client,
                                                redirect_header_options)

      redirect_to_link = signed_in_resource.build_auth_url(redirect_url, redirect_headers)
    else
      redirect_to_link = DeviseTokenAuth::Url.generate(redirect_url, redirect_header_options)
   end

    redirect_to(redirect_to_link)
  else
   ---->>>>>> raise ActionController::RoutingError, 'Not Found'<<<<<---
  end
end`

So i needed to override this. so when you get the email and the link is broken you dont get the exception but the behavior you need to happen.. i already did it but now i need to show a message with the error and i am struggling with that.. if you have any advise that will be wonderfull

jjla26 avatar Apr 24 '20 15:04 jjla26

Resolved by #1557

MaicolBen avatar Dec 27 '22 22:12 MaicolBen