Reputation: 363
Devise 401 unauthorized only when the application is accessed over https
Scenario : I am working on a rails application in which our user is redirected to a third party application during payment request. Once it is done, we get the response back from that application via HTTP POST method. We have a controller action to handle that request but there is a before_action devise gem method 'authenticate_user!' for checking if the user is logged in.
Issue : when the application is accessed over https, the before_action check fails and the user is logged out of the application (Completed 401 Unauthorized). In case of http, it is fine.
Rails version : 4.2.6 Devise version : 3.5.6
I have not worked on devise much. Please let me know if you have any insights on this.
Upvotes: 1
Views: 415
Answers (1)
Reputation: 381
look to the token authentication. for example you can assign to before_action a method wich check if user it's authenticated by token and this token keep in params when you make first request to payemnt application. This is one example, you can make other scenario using token.
Upvotes: 0
Related Questions
- Devise & Ruby on Rails: How to resolve "Completed 401 Unauthorized" when trying to Log In
- Devise getting 401 unauthorized right after sign in
- Custom Devise 401 unauthorized response
- Devise hijacking a 401 response
- Rails devise authentication, external app requesting blocked
- Rails + Devise how not to force SSL?
- Devise redirects to https instead of http
- Devise 401 on Login
- Rails Devise not keeping https on sign in/out
- Rails Devise SSL Session Mix Up on Production