Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Having 401 Unauthorized only with mobile #305

Closed
casertap opened this issue Jul 14, 2015 · 6 comments
Closed

Having 401 Unauthorized only with mobile #305

casertap opened this issue Jul 14, 2015 · 6 comments

Comments

@casertap
Copy link

My authentication works on my desktop but when I use my mobile it does not work.
I am using ng-token-auth and devise_token_auth for my angularjs application.

SessionsController is happening correctly. I can retrieve the new logged in user.
But any subsequent request will do (mobile only):

[2015-07-14 11:27:56 +0200] Started GET "/api/posts?page=1" for 193.168.76.1 at 2015-07-14 11:27:56 +0200
[2015-07-14 11:27:56 +0200] Processing by Api::V5::PostsController#index as JSON
[2015-07-14 11:27:56 +0200]   Parameters: {"page"=>"1"}
[2015-07-14 11:27:56 +0200] Filter chain halted as :authenticate_user! rendered or redirected
[2015-07-14 11:27:56 +0200] Completed 401 Unauthorized in 1ms (Views: 0.2ms | ActiveRecord: 0.0ms | Solr: 18.4ms)

If I refresh the mobile browser (Chrome & Safari) , then I am out.

On my desktop it do:

[2015-07-14 11:38:00 +0200] Processing by Api::V5::PostsController#index as JSON
[2015-07-14 11:38:00 +0200]   Parameters: {"page"=>"1"}
[2015-07-14 11:38:00 +0200] Started GET "/api/notifications" for 193.168.76.1 at 2015-07-14 11:38:00 +0200

I tested with Chrome and Safari and an IPhone and it does not work.
On xcode iphone simulator it works fine.
On Chrome and Safari desktop it works also.

Does anyone have a clue?
@casertap
Copy link
Author

I found a related issue: #299

@casertap casertap mentioned this issue Jul 15, 2015
Closed
@casertap
Copy link
Author

This is in production right now!
Any help please?

@booleanbetrayal
Copy link
Collaborator

@casertap - what version of devise_token_auth are you running, and are you using localStorage or cookies as the preferred persistence mechanism?

@casertap
Copy link
Author

devise_token_auth v0.1.32.beta10
I am using ng-token-auth 0.0.25 defaults so it is set to cookies (I did try with storage 'localStorage' and it broke everything (mobile + desktop))
I switch back to cookies so my desktop login works fine.
It is working with a Nexus Phone so the problem comes from safari ios only.

@casertap
Copy link
Author

my bad. It actually works with the option -> storage: 'localStorage'
Thanks

@booleanbetrayal
Copy link
Collaborator

@casertap - recently fixed an issue in ng-token-auth where an invalid cookie expiration was preventing iOS from correctly storing auth tokens as a cookie. see also: lynndylanhurley/ng-token-auth#172

Might be worth pulling ng-token-auth from master and testing cookie storage. FWIW - iOS private browsing will not support localStorage, so you'll have to do a check during configuration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@casertap @booleanbetrayal