Reputation: 56
Cannot update params when use warden.authenticate in devise
I have upgrade my rails from 3.2.8 to rails 4, also devise is upgrade from 2.1.2 to 3.5.6 and warden from 1.2.3 to 1.2.6. I found an issue that I don't know what it should belongs to devise or warden.
Before I call
resource = warden.authenticate(:scope => resource_name, :recall =>"#{controller_path}#new")
I update params value like below:
params[:admin] = Hash.new
params[:admin][:email] = params[:email]
params[:admin][:password] = params[:password]
But when I print params in proxy.rb, the function def authenticate(*args) the params is still the original, there are no any admin in it.
The issue is not happened when I use the old system.
Here is my part of code and logs: controllers.rb
params[:admin] = Hash.new
params[:admin][:email] = params[:email]
params[:admin][:password] = params[:password]
params[:password] = '11111111111111'
# authenticate with warden
p '===================================='
p params
p warden
resource = warden.authenticate(:scope => resource_name, :recall => "#{controller_path}#new")
p params
p '===================================='
proxy.rb
def authenticate(*args)
p 'sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss'
p params
params[:password] = '111111111'
p params
p 'sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss'
user, _opts = _perform_authentication(*args)
user
end
logs:
"===================================="
{"email"=>"[email protected]", "password"=>"11111111111111", "controller"=>"admin_sessions", "action"=>"create", "version"=>"v1", "format"=>"json", "admin"=>{"email"=>"[email protected]", "password"=>"xxxxxxxx"}}
Warden::Proxy:70145506030260 @config={:default_scope=>:admin, :scope_defaults=>{}, :default_strategies=>{:admin=>[:rememberable, :database_authenticatable]}, :intercept_401=>false, :failure_app=>#Devise::Delegator:0x007f980f873e18}
"sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss"
{"email"=>"[email protected]", "password"=>"xxxxxxxx", "controller"=>"admin_sessions", "action"=>"create", "version"=>"v1", "format"=>"json"}
{"email"=>"[email protected]", "password"=>"111111111", "controller"=>"admin_sessions", "action"=>"create", "version"=>"v1", "format"=>"json"}
"sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss"
"sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss"
{"email"=>"[email protected]", "password"=>"111111111", "controller"=>"admin_sessions", "action"=>"create", "version"=>"v1", "format"=>"json"}
"sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssss"
{"email"=>"[email protected]", "password"=>"11111111111111", "controller"=>"admin_sessions", "action"=>"create", "version"=>"v1", "format"=>"json", "admin"=>{"email"=>"[email protected]", "password"=>"xxxxxxxx"}}
"===================================="
It seems there are two params, one is in controller, one is in warden.
Is there any configuration or any other things I missed?
Hope ur answers, Thank u.
Upvotes: 2
Views: 1570
Answers (1)
Reputation: 2226
Didn't see this question when I asked and answered something similar here https://stackoverflow.com/a/40512141/208769
Annoyingly, it seems that the params you see in the controller is a clone of the params that rack maintains, rather than a reference to it. And because warden intercepts the request in a middleware layer, it maintains its link to the request params, and knows nothing about the controller's clone.
In short, if you want to modify params and have warden see your modifications, you need to modify request.params
Upvotes: 2
Related Questions
- Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails
- No route matches "/users/sign_out" devise rails 3
- Override devise registrations controller
- TypeError in Devise::RegistrationsController#create
- warden authentication returning 401
- Overriding Devise SessionsController#Create and create view - and authentication fails
- Devise not responding correctly to JSON message