Javascript / Rails enable header fetching

Question

Javascript / Rails enable header fetching

So, I am developing a React / Redux SPA application, and I want the authorization work to work. I have Rails using the devise_token_auth gem and (in a React application) I need to save the token that answered the backend to me. However, tokens are available response.headers. What for? CORS are configured on the backend side, so I'm sure this is not a problem. Take a look at the code and screenshot:

let config = {
  method: 'POST',
  headers: {
    "Accept": "application/json",
    "Content-Type": "application/json"
  },
  body: JSON.stringify(creds) // { email: 'asd@example.org', password: 'asdasdasd' }
}

return dispatch => {
  dispatch(requestLogin(creds))
  return fetch('http://localhost:3000/auth/sign_in', config)
    .then((response => {
      response.headers.forEach((el) => console.log(el))
    }))
}

console.log:

proof that the browser sees the headers:

+4

javascript authentication fetch token

Bartosz gladecki May 18, '16 at 10:57

source share

1 answer

Bartosz Gladecki · Accepted Answer · 2016-05-23T09:53:49+0000

fixed. The problem was server side. I had this in the rack initializer:

headers: :any,                                                                                                         
methods: [:get, :post, :put, :patch, :delete, :options, :head]

changed to this:

headers: :any,
expose: ['access-token', 'expiry', 'token-type', 'uid', 'client'],
methods: [:get, :post, :put, :patch, :delete, :options, :head]

:) devise_token_auth.

Javascript / Rails enable header fetching

More articles: