Devise session ends after ExtJs ajax request

Question

I am using Devise with Rails 3.0.6 and ExtJS 4.0.6. Devise Session ends after every AJAX Request from ExtJs.

I have gone through the links given here and here, but no luck. What could be the possible workaround for the same?

P.S: Code given here is already present within rails.js in rails 3.0.6.

Answer 1

What I have done in the past is to authenticate using HTTP authentication headers.

Here are some rough steps to follow:

In config/initializers/devise.rb, set the http_authenticatable config option to true.

config.http_authenticatable = true

Then in your ExtJS login panel, your form submission would look something like this:

var values = form.getValues();
var encodedCredentialsFromFormFields = Base64.encode(values['username'] + ':' + values['password']);

form.submit({
  url: '/users/sign_in',
  headers: {
    'Accept': 'application/json',
    'Authorization': 'Basic ' + encodedCredentialsFromFormFields
  },
  failure: function(form, action) {
    if (action.response.status === 401) { // Unauthorized
      console.log('sign in unsuccessful');
    } else if (action.response.status === 201) { // Created (as in new session created by Devise)
      console.log('sign in successful');
      if (! Ext.Ajax.defaultHeaders) {
        Ext.Ajax.defaultHeaders = {}
      }
      Ext.Ajax.defaultHeaders['Authorization'] = 'Basic ' + encodedCredentialsFromFormFields;
    } else {
      console.log('failed with status: ' + action.response.status);
    }
  }
});

The encodedCredentialsFromFormFields variable is a Base64 encoded string of the form "username:password". Note the colon (:) between the username and password. I've found the Base64 library from http://www.webtoolkit.info/javascript-base64.html to work well.