egervari
egervari

Reputation: 22522

How do you pass devise authentication details to a rails controller action?

I have a controller action that is expected to be called by jquery. Here's the call:

    $.ajax({
        url: "/comments.json",
        type: "POST",
        dataType: "json",
        data: {
            commentable_id: $("#addCommentForm").attr("data-site-update-id"),
            commentable_type: 'SiteUpdate',
            content: $("#addCommentForm textarea#content").val()
        },
        success: function(comment) {

        }
    });

It works just fine, but for some reason, "current_user" is nil inside of the controller. If I force authenticate_user! as a filter, rails returns an HTTP Unauthorized.

How can I pass the authentication details so that this controller action works with devise? Even better, is there a way I can make this transparent? I don't want to pass the authentication details over and over for each ajax request...

In Java, once a user is logged in... they are logged in. You don't have pass anything from url to url anymore - it's in a session somewhere and it's all occuring transparently. Is there a way I can do this with rails? I don't want to focus on these details.

Thanks

EDIT: The solution is to add the following to your javascript somewhere:

$(document).ajaxSend(function(e, xhr, options) {
    var token = $("meta[name='csrf-token']").attr("content");
    xhr.setRequestHeader("X-CSRF-Token", token);
});

Upvotes: 2

Views: 1018

Answers (1)

Steve Wilhelm
Steve Wilhelm

Reputation: 6270

Devise does maintain sessions.

This may be your problem.

Upvotes: 2

Related Questions