Comments (5)
Rails uses something called strong parameters. Devise whitelists certain params by default ("email", "password", "password_confirmation"), but you can modify these settings if you like.
What you're seeing isn't an error exactly, it's just that a field called session
isn't getting thru to the sign_in
controller.
What does the POST request payload look like? Your logs indicate that the payload looks like this:
{
"email": "[email protected]",
"password": "xxx",
"session": {
"email": "[email protected]",
"password": "xxx"
}
}
If this is the case, then it looks like a param called session
is somehow being included in the request.
I suggest that you inspect the object that you're passing to $auth.submitLogin
method to see if you're sending the correct data.
from ng-token-auth.
I'm using the example code:
controller/signinctrl.js
$scope.handleLoginBtnClick = function() {
$auth.submitLogin($scope.loginForm)
.then(function(resp) {
// handle success response
})
.catch(function(resp) {
// handle error response
});
};
}]);
signin.html.haml
%form{"ng-init" => "loginForm = {}", "ng-submit" => "submitLogin(loginForm)", :role => "form"}
.form-group
.input-group.input-group-lg
%span.input-group-addon
%i.fa.fa-envelope
%input.form-control{:name => "email", "ng-model" => "loginForm.email", :required => "required", :type => "email"}/
.form-group
.input-group.input-group-lg
%span.input-group-addon
%i.fa.fa-lock
%input.form-control{:name => "password", "ng-model" => "loginForm.password", :required => "required", :type => "password"}/
.form-group
%button.btn.btn-danger.btn-lg.btn-block{:type => "submit"} Sign in
from ng-token-auth.
- Those examples are for two different implementations. You don't need the controller example if you're calling
submitLogin
from the template. - What does the POST request payload look like? If you're using Chrome, you can find this in the Network panel in the developer tools. Instructions here.
from ng-token-auth.
@ACPK - it looks like this is happening in the example app as well.
I can't find the source of the session
param. My guess is that it's set by one of the devise-token-auth dependencies (Devise, Warden, etc.). I did comb through the Devise source, but I couldn't find it anywhere.
While the warning is annoying, I don't think the session
param is going to cause any problems.
I'm marking this issue closed, but feel free to re-open it (or send a PR) if you can solve the mystery.
from ng-token-auth.
Update: there's a workaround here:
lynndylanhurley/devise_token_auth#676
The "session" parameter is actually created by Rails (wrap_parameters)
from ng-token-auth.
Related Issues (20)
- auth:password-reset-confirm-success never seems to be broadcast HOT 1
- Refreshing multiple times causes token failure/loss HOT 2
- Make a new release HOT 7
- Info on Support of this token for Angualr js 1.x HOT 2
- submitLogin unauthorize user
- how to broadcast 'auth:logout-success' if i logout using my own method HOT 1
- config is undefined HOT 1
- Quota Exceeded errors from setItem() when running on Heroku HOT 1
- submitRegistration without Confirmable?
- Unable to persist session after refresh HOT 6
- Live demo doesn't send registration emails HOT 1
- $auth.validateUser undefined in safari. HOT 1
- ng-token-auth depends on Express 3.x
- Project status HOT 1
- Unhandled rejection on failed login, even with catch()
- token headers not being stored
- package supports angular 6? HOT 2
- postMessage handler doesn't verify origin
- Create new release for package.json fix
- C
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ng-token-auth.