I'm using devise_token_auth 1.1.3 and devise 4.4.3 together in my Rails application and I'm trying to remove the current user. My users are called 'staff'. The problem is when I try and delete the current user it tries to update the auth header for a user which doesn't exist.
def destroy
staff = Staff.find(params[:id])
if current_staff.entity == staff.entity
staff.destroy
render json: { success: "Staff Member Successfully Deleted" }, status: 200
else
render json: { success: "Staff Member failed to delete" }, status: :unprocessable_entity
end
end
Within that render json line it hits this line in devise_token_auth and crashes;
devise_token_auth (1.1.3) app/controllers/devise_token_auth/concerns/set_user_by_token.rb:105:in `update_auth_header'
Update: Try and use the registrations controller to delete user
I've set the current route overrides
mount_devise_token_auth_for 'Staff', at: 'auth', controllers: {
sessions: 'sessions',
registrations: 'registrations'
}
And overridden the registrations controller like so;
class RegistrationsController < DeviseTokenAuth::RegistrationsController
def destroy
puts 'test'
byebug
end
end
Now in my test if I call
delete "/auth/#{staff.id}"
It doesn't hit the byebug at all.
The way to do this is to add the following line of code at the top of your controller:
skip_after_action :update_auth_header, only: %i[destroy]
What this does is skip the update_auth_header after action defined in devise only for the "destroy" method.