I am having an issue getting devise_token_auth logout working.
I am working based on these SO:
How to set header and options in axios?
Why am I unable to sign out using devise_token_auth and curl?
This is the devise token auth, destroy method. It does reach this method and stops at a breakpoint.
def destroy
# remove auth instance variables so that after_action does not run
user = remove_instance_variable(:@resource) if @resource
client = @token.client
@token.clear!
if user && client && user.tokens[client]
user.tokens.delete(client)
user.save!
yield user if block_given?
render_destroy_success
else
render_destroy_error
end
end
@token is set in another method and it doesn't appear to be called. I don't quite get how this method is supposed to clear tokens.
My @token is #<struct DeviseTokenAuth::TokenFactory::Token client=nil, token=nil, token_hash=nil, expiry=nil> and @resource is nil at my break point/top of the method.
Client Request (Vue):
methods: {
headers() {
const config = {
headers: {
"uid": localStorage.getItem("uid"),
"client": localStorage.getItem("client"),
"access-token": localStorage.getItem("access-token")
}
}
return config
},
async handleLogOut() {
// e.preventDefault();
const headers = this.headers()
localStorage.removeItem('access-token')
localStorage.removeItem('uid')
localStorage.removeItem('client')
this.logOut();
let response = await axios.get('api/v1/auth/sign_out', null, headers)
}
}
Routes:
destroy_api_user_session GET /api/v1/auth/sign_out(.:format) api/v1/sessions#destroy
What am I doing wrong? How is the destroy method working?
Ok, I missed this before_action method:
This is where it takes your headers, checks them and sets instance variables.
By finding this I realized I was not sending the headers that I thought I was sending. I changed my http request it works fine.
axios.get('api/v1/auth/sign_out', headers)
Side Note:
The logout action by default in devise is delete but this can be modified:
config.sign_out_via = :get