scarhand / devise-jwt-cookie Goto Github PK
View Code? Open in Web Editor NEWCookie-based JWT authentication for devise
Cookie-based JWT authentication for devise
Hello @scarhand,
I am getting a bundle error when using the latest version of this gem with the latest devise-jwt
gem.
Versions:
devise-jwt - 0.9.0
devise-jwt-cookie - 0.5.1
Bundler could not find compatible versions for gem "dry-configurable":
In snapshot (Gemfile.lock):
dry-configurable (= 0.15.0)
In Gemfile:
devise-jwt-cookie was resolved to 0.5.1, which depends on
dry-configurable (~> 0.9, < 0.11)
devise-jwt was resolved to 0.9.0, which depends on
warden-jwt_auth (~> 0.6) was resolved to 0.6.0, which depends on
dry-configurable (~> 0.13)
Running `bundle update` will rebuild your snapshot from scratch, using only
the gems in your Gemfile, which may resolve the conflict.
When I fork your repo and remove the pinned versions for the dry-auto_inject
and dry-configurable
dependencies in the devise-jwt-cookie.gemspec
, bundle, and point to the forked repo, all works well. Can you please remove those pinned dry
versions and push up a new version of your gem? I wanted to use your gem versus forking the repo and removing the pinned version myself.
Please let me know if you have any questions or concerns about my request. Appreciate your time. Thanks.
This gem works great! One thing that I noticed was that using standard devise-jwt
and their revocation strategies, when I send a logout request (set via config.jwt.revocation_requests
) it removes the token from the database based upon the strategy chosen.
After I installed devise-jwt-cookie
the logout call was made, but the revocation strategy did not run. I'm newer to this, but taking a brief look at the source code for devise-jwt
it seems to expect there to be an HTTP_AUTHORIZATION
header such that the proper database entry can be revoked. As after you install this gem, we no longer send that header (and rather use cookies) it does not seem to know to revoke it.
For the time being, a quick workaround seems to be to add some middleware that injects it back in. Something like:
def call(env)
if Devise::JWT::Cookie::Middleware.new(app).token_should_be_revoked?(env)
request = Rack::Request.new(env)
env['HTTP_AUTHORIZATION'] = "Bearer #{request.cookies[Devise::JWT::Cookie.config.name]}"
end
status, headers, response = app.call(env)
[status, headers, response]
end
This does work, but I'm wondering whether there's a better way? Or whether we should build this into the library itself?
Thanks !
Bundler could not find compatible versions for gem "dry-configurable":
In snapshot (Gemfile.lock):
dry-configurable (= 0.12.1)
In Gemfile:
devise-jwt-cookie (~> 0.2.0) x86_64-linux was resolved to 0.2.0, which depends on
dry-configurable (< 0.11, ~> 0.9) x86_64-linux
devise-jwt x86_64-linux was resolved to 0.8.1, which depends on
warden-jwt_auth (~> 0.5) x86_64-linux was resolved to 0.5.0, which depends on
dry-auto_inject (~> 0.6) x86_64-linux was resolved to 0.7.0, which depends on
dry-container (>= 0.3.4) x86_64-linux was resolved to 0.7.2, which depends on
dry-configurable (~> 0.1, >= 0.1.3) x86_64-linux
devise-jwt x86_64-linux was resolved to 0.8.1, which depends on
warden-jwt_auth (~> 0.5) x86_64-linux was resolved to 0.5.0, which depends on
dry-configurable (~> 0.9) x86_64-linux
Please note this issue: waiting-for-dev/devise-jwt#126
The problem (which is not a problem, but a security measure) with cookies is that they can't be shared cross-domain.
getting this error after installing devise-jwt-cookie (had already previously set up devise-jwt and was working), but cannot even start app now, due to this error (undefined method call
, coming from dry-configurable
. A little later down the line, I see this: cannot load such file -- devise-jwt (LoadError)
ENV: ruby 3.1.1, rails 7, mac & linux both
full trace:
bundler: failed to load command: bin/rails (bin/rails)
/Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-container-0.10.0/lib/dry/container/mixin.rb:151:in `register': undefined method `call' for {:default=>#<Dry::Container::Registry:0x0000000110f1a570 @_mutex=#<Thread::Mutex:0x0000000110f1a4f8>>}:Hash (NoMethodError)
config.registry.call(_container, key, item, options)
^^^^^
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:72:in `<class:Strategies>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:8:in `<module:AutoInject>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:7:in `<module:Dry>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:6:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies.rb:19:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/builder.rb:3:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject.rb:3:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/warden-jwt_auth-0.5.0/lib/warden/jwt_auth.rb:4:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/devise-jwt-0.8.1/lib/devise/jwt.rb:6:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:73:in `rescue in block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:51:in `block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler.rb:187:in `require'
from /Users/eddie/Projects/Paubox/pb_iam/config/application.rb:7:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:22:in `require_application!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:14:in `require_application_and_environment!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands/console/console_command.rb:101:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/base.rb:87:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command.rb:48:in `invoke'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands.rb:18:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from bin/rails:4:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `kernel_load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:23:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:483:in `exec'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:31:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:25:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:48:in `block in <top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/friendly_errors.rb:120:in `with_friendly_errors'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:36:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `<main>'
/Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:15:in `require': cannot load such file -- devise-jwt (LoadError)
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:15:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:60:in `block (2 levels) in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:55:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:55:in `block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler.rb:187:in `require'
from /Users/eddie/Projects/Paubox/pb_iam/config/application.rb:7:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:22:in `require_application!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:14:in `require_application_and_environment!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands/console/console_command.rb:101:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/base.rb:87:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command.rb:48:in `invoke'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands.rb:18:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from bin/rails:4:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `kernel_load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:23:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:483:in `exec'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:31:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:25:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:48:in `block in <top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/friendly_errors.rb:120:in `with_friendly_errors'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:36:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `<main>'
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.