LightBox
Reputation: 3425
what does this devise config do?
I want to restrict devise to json requests on an api with this from the internet. What does it do?
# config/initializers/devise.rb
config.http_authenticatable_on_xhr = false
config.navigational_formats = ["*/", :html, :json]
Upvotes: 4
Views: 3874
Answers (1)
usha
Reputation: 29349
From devise documentation,
config.http_authenticatable_on_xhr = true
If http headers should be returned for AJAX requests. True by default.
config.navigational_formats = ["/", :html, :json]
==> Navigation configuration
Lists the formats that should be treated as navigational. Formats like
:html, should redirect to the sign in page when the user does not have
access, but formats like :xml or :json, should return 401.
If you have any extra navigational formats, like :iphone or :mobile, you
should add them to the navigational formats lists.
The :"*/*" and "*/*" formats below is required to match Internet
Explorer requests.
Upvotes: 6
Related Questions
- What does line do? `:@request.env["devise.mapping"] = Devise.mappings[:user] `
- What does resource mean in Devise?
- What is the devise config.remember_for default value?
- What does sign_in of devise do
- Devise gem - unclear "how-to" guide
- Rails settings of devise
- How to configure a Controller in Devise?
- Rails + Devise - Session Controller explaination
- Specifying a layout file for devise gem in rails (what does this do?)
- Explain to me how config works in Rails