grape_devise_token_auth icon indicating copy to clipboard operation
grape_devise_token_auth copied to clipboard

Published 20 hours ago verified publisher icon mcordell

auth headers need to be capitalized

Open bezreyhan opened this issue 7 years ago • 0 comments

It seems that the auth headers need to be capitalized and prefixed with HTTP: 'HTTP_ACCESS_TOKEN', 'HTTP_EXPIRY' 'HTTP_UID' 'HTTP_CLIENT' 'CONTENT_TYPE'

However, DeviseTokenAuth does not capitalize their headers or prefix them with 'HTTP': https://github.com/lynndylanhurley/devise_token_auth#token-header-format

I tried adding this gem to my grape controllers but I was getting a 401 because of how I format my headers.

For example, this test fails:

auth = create(:user)
                        .create_new_auth_token
                        .merge('CONTENT_TYPE' => 'application/json')
post '/v1/test', params.to_json, auth_headers
expect(last_response.status).to_not eq(401)

where auth looks like this:

{
     "access-token"=>"R4lu2FG70QUhG8VYuK92Ow",
     "token-type"=>"Bearer",
     "client"=>"I9_2W0aRzt9Be8N1ZVadJw",
     "expiry"=>"1497999282",
     "uid"=>"[email protected]",
     "CONTENT_TYPE"=>"application/json"
}

In my controller I have:

unless authenticate_user!
    return error!("Authorized Users only", 401)
end

bezreyhan avatar Jun 06 '17 22:06 bezreyhan