rails5 api + devise_token_auth: no access-token and uid returns after login successfully via omniauth2

问题

I am using devise_token_auth for omniauth2 login with weibo and qq. Yes, I am trying to use rails5 api feature!

After setup and using omniauth test_mode, I seems like login successfully but not login info(access_token, expiry, client and uid) return in the header of response.

Here is model, I apply candidate rather than user as authentication resource.

#app/models/candidate.rb

class Candidate < ApplicationRecord
  devise :database_authenticatable, :trackable, :omniauthable
  include DeviseTokenAuth::Concerns::User

  has_many :recruitments
  attr_writer :password, :password_confirmation
end

Using dummy omniauth successful info.

#config/environment/development.rb
#OmniAuth Fake
OmniAuth.config.test_mode = true
OmniAuth.config.mock_auth[:qq_connect] = OmniAuth::AuthHash.new(
  {
      provider: 'qq_connect',
      extra: { raw_info: { nickname: :dev } },
      info: { nickname: :dev },
      uid: '123456'
  })
OmniAuth.config.mock_auth[:weibo] = OmniAuth::AuthHash.new(
  {
      provider: 'weibo',
      extra: { raw_info: { nickname: :dev } },
      info: { nickname: :dev },
      uid: '1234567'
  })

So, when I send a get request to http://localhost:3000/auth/weibo, application redirect me to http://localhost:3000//auth/weibo/callback. It returns 200 Ok.

As far, everything seems fine. And also I check DB, which shows that candidate(authentication resource) was created, and its token changed with every request to it.

But look at the header of response, I find nothing useful(access-token, expiry etc) inside.

#Header of response

Cache-Control →max-age=0, private, must-revalidate
Connection →close
Content-Type →text/plain; charset=utf-8
ETag →W/"7215ee9c7d9dc229d2921a40e899ec5f"
Server →thin 1.6.2 codename Doc Brown
X-Content-Type-Options →nosniff
X-Frame-Options →SAMEORIGIN
X-Request-Id →d91648bb-3e69-4d23-8dfa-9eedfafeac26
X-Runtime →0.085038
X-XSS-Protection →1; mode=block

So My question is How to get auth info(likes access-token, client etc) after login with omniauth2?

Regards!

回答1:

I had the same problem. Maybe this decision will helpful for someone.

# app/controllers/overrides/omniauth_callbacks_controller.rb

module Overrides
  class OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
    after_action :update_auth_header, only: :omniauth_success
    end
  end
end

routes:

# config/routes.rb

Rails.application.routes.draw do
  scope '/api/v1' do
    mount_devise_token_auth_for 'User', at: 'auth', controllers: {
      omniauth_callbacks:  'overrides/omniauth_callbacks'
    }
    end
  end
end

来源：https://stackoverflow.com/questions/36841894/rails5-api-devise-token-auth-no-access-token-and-uid-returns-after-login-succ