ember-simple-auth: ember-simple-auth-devise invalidate() does nothing

I just wanted to pass on my findings using ember-simple-auth and the gem ‘devise_token_auth’. I was required to send along the uid, client and access-token otherwise /users/sign_out would throw a 404. Hope this helps someone else. Thanks, @samselikoff for the example.

In app/authenticators/devise.js

export default DeviseAuthenticator.extend({
  ...
  invalidate: function(session) {
    return Ember.$.ajax({
      url:  '/users/sign_out',
      type: 'DELETE',
      beforeSend(request) {
        request.setRequestHeader( 'uid', session.uid );
        request.setRequestHeader( 'client', session.client );
        request.setRequestHeader( 'access-token', session.accessToken );
      }
    });
  },
  ...
});

@7sedam7: you’re probably not mixing in the ApplicationRouteMixin in your application route.

@samselikoff Yes! That is what I was doing, send a DELETE to the backend.

In light of #204 and because I need to keep the session, I chose to disable sending session cookies for JSON requests.

At first I was getting these errors:

POST http://localhost:4200/users/sign_in 500 (Internal Server Error)

NoMethodError (undefined method options' for {}:Hash): rack (1.5.2) lib/rack/session/abstract/id.rb:329:incommit_session’

So, based on the Rack source code I made it work with:

app/controllers/application_controller.rb

before_filter :use_dummy_session
def use_dummy_session
  env["rack.session.id"] = 1000 # used to avoid generate_sid()                 
  env["rack.session.options"][:drop] = true
end