env['warden'] not working with Rails 5

Asked 6/4, 2017 at 14:43 Answered 14/1, 2020 at 14:59

Im following this guide to create Chatting feature with a use of Websockets. https://www.sitepoint.com/rails-and-actioncable-adding-advanced-features/

Im stuck with a problem that env['warden'].user is retuning nothing even when Im loggined to the app with standard Devise form.

And if I use another method (which is commented now) - it return wrong user

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.email
    end

    protected

    def find_verified_user # this checks whether a user is authenticated with devise
      verified_user = env['warden'].user

      if verified_user
        verified_user
      else
        reject_unauthorized_connection
      end
    end

    # def find_verified_user
    #     user_id = request.headers['HTTP_AUTHORIZATION']
    #     if verified_user = User.find_by(user_id)
    #        verified_user
    #     else
    #        reject_unauthorized_connection
    #     end
    # end

  end
end

Logs says

Started GET "/cable/" [WebSocket] for 127.0.0.1 at 2017-04-06 17:40:17 +0300
Successfully upgraded to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: Upgrade, HTTP_UPGRADE: websocket)
An unauthorized connection attempt was rejected
Failed to upgrade to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: Upgrade, HTTP_UPGRADE: websocket)

Ise answered 6/4, 2017 at 14:43 Comment(0)

I found solution on this article https://rubytutorial.io/actioncable-devise-authentication/

Im not sure how it works, but it does the deal. How it would help for people with similar problem.

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.email
    end

    protected
    def find_verified_user
      verified_user = User.find_by(id: cookies.signed['user.id'])
      if verified_user && cookies.signed['user.expires_at'] > Time.now
        verified_user
      else
        reject_unauthorized_connection
      end
    end

  end
end

And I also created /config/initializers/warden_hooks.rb file

Warden::Manager.after_set_user do |user,auth,opts|
  scope = opts[:scope]
  auth.cookies.signed["#{scope}.id"] = user.id
  auth.cookies.signed["#{scope}.expires_at"] = 60.minutes.from_now
end

Warden::Manager.before_logout do |user, auth, opts|
  scope = opts[:scope]
  auth.cookies.signed["#{scope}.id"] = nil
  auth.cookies.signed["#{scope}.expires_at"] = nil
end

Ise answered 6/4, 2017 at 15:10 Comment(2)

The link to the ref is dead. – Minium 11/6, 2021 at 18:15

I used this answer but I had to plug in Okomikeruko's piece of code as well to make things work. – Zeena 20/8, 2021 at 6:46

I had the same problem, but it turned out my issue was because I had two Devise models: User and Customer, since User was used for admin stuff, Customer was set to Warden's default_scope. So to access the user scope, I had to do the following

env['warden'].user(:user)

The symbol at the end defines the scope to use.

Here's where I found information on Warden's Scoped Users: https://github.com/wardencommunity/warden/wiki/Scopes#scoped-user-access

Lavine answered 14/1, 2020 at 14:59 Comment(1)

That's the way it works in combination with active admins default admin_user and a "normal" user model. – Ingenue 20/1, 2020 at 16:31

I found solution on this article https://rubytutorial.io/actioncable-devise-authentication/

Im not sure how it works, but it does the deal. How it would help for people with similar problem.

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
      self.current_user = find_verified_user
      logger.add_tags 'ActionCable', current_user.email
    end

    protected
    def find_verified_user
      verified_user = User.find_by(id: cookies.signed['user.id'])
      if verified_user && cookies.signed['user.expires_at'] > Time.now
        verified_user
      else
        reject_unauthorized_connection
      end
    end

  end
end

And I also created /config/initializers/warden_hooks.rb file

Warden::Manager.after_set_user do |user,auth,opts|
  scope = opts[:scope]
  auth.cookies.signed["#{scope}.id"] = user.id
  auth.cookies.signed["#{scope}.expires_at"] = 60.minutes.from_now
end

Warden::Manager.before_logout do |user, auth, opts|
  scope = opts[:scope]
  auth.cookies.signed["#{scope}.id"] = nil
  auth.cookies.signed["#{scope}.expires_at"] = nil
end

Ise answered 6/4, 2017 at 15:10 Comment(2)

The link to the ref is dead. – Minium 11/6, 2021 at 18:15

I used this answer but I had to plug in Okomikeruko's piece of code as well to make things work. – Zeena 20/8, 2021 at 6:46

Using Devise for authentication, I just ran into the same problem and the accepted answer didn't help me. My mistake was in my routes.rb file. I placed: mount ActionCable.server, at: '/cable' inside the authenticate :user do block. Moving it into the: Rails.application.routes.draw do block resolved the issue for me.

Floatage answered 8/11, 2018 at 19:47 Comment(0)

Recommended topics

Hot tags