Ember Simple Auth: Session lost on refresh

前端未结

关注

 4  757

孤城傲影

I\'m using Ember Simple Auth Devise v 0.6.4 in an Ember-cli app.

I can log in fine but when I refresh the page the session is lost. (Tested in Firefox and Chrome.) <

相关标签:

4条回答

执念已碎

2021-01-02 05:48

I'm experiencing the same issue, e.g. my session is getting nuked on refresh.

This is undesired behavior, and for me at least doesn't appear to have anything to do with server side devise setup.

No requests are being sent to the server, it's just a matter of keeping the session alive by using the cookies which should be checked first.

0 讨论(0)
发布评论:

提交评论
- 加载中...
野的像风

2021-01-02 06:03
I have run into the same issue with simple-auth-devise.

The problem was that inconfig/environment.js the identificationAttributeName was overridden.
```
ENV['simple-auth-devise'] = {
    identificationAttributeName: 'email'
};
```
By doing so, it no longer matched the data returned by Users::SessionsController on successful authentication, taken from the ember-simple-auth-devise Readme:
```
data = {
    token: user.authentication_token,
    user_email: user.email
}
```
The attribute names must match, so the solution is to use the identificationAttributeName in the JSON returned by the controller:
```
data = {
    token: user.authentication_token,
    email: user.email
}
```
Like marcoow pointed out, it is all in the implementation of the Devise authorizer restore() method.
0 讨论(0)
发布评论:

提交评论
- 加载中...
再見小時候

2021-01-02 06:07

The problem is that you have neither user_token nor user_email in the session which are required for the session to be authenticated. So as soon as you reload the page the authenticator's restore method rejects the session. Also without user_token and user_email the authorizer is not going to actually authorize any requests.

You'll need to change your server side devise setup as described here.

0 讨论(0)
发布评论:

提交评论
- 加载中...
余生分开走

2021-01-02 06:07
I had this issue as well. It turns out that the restore method in the authenticator did not take into account the resource name.

In particular, changing the line indicated here: https://github.com/simplabs/ember-simple-auth/blob/master/packages/ember-simple-auth-devise/lib/simple-auth-devise/authenticators/devise.js#L95

as follows:
```
if (!Ember.isEmpty(propertiesObject.get(_this.resourceName)[_this.tokenAttributeName]) && !Ember.isEmpty(propertiesObject.get(_this.resourceName)[_this.identificationAttributeName])) {
```
solved the problem.

Note that my local storage looked like:
```
{"secure":{"authenticator":"simple-auth-authenticator:devise","user":{"id":1,"email":"test@gmail.com","created_at":"2015-07-20T22:30:47.966Z","updated_at":"2015-07-23T17:45:41.874Z","authentication_token":"7Uv6LysQ2h3x-P4WUMmU","token":"7Uv6LysQ2h3x-P4WUMmU"}}}
```
As a result, this required the additional changes in the config/environment.js
```
  ENV['simple-auth-devise'] = {
    identificationAttributeName: 'email',
    resourceName: 'user',
    tokenAttributeName: 'authentication_token',
    crossOriginWhitelist: ['*']   
  };
```
Changing bower_components/ember-simple-auth/simple-auth-devise.amd.js is what allowed me to see that this indeed was my problem.
0 讨论(0)
发布评论:

提交评论
- 加载中...