
I’m working on a Rails 8 API application where I have separated API routes from my admin panel:

namespace :api do
  get 'test', to: 'clerk_test#index'
end

devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)

I’m using Clerk JWT for API authentication, and my controller looks like this:

class Api::ClerkTestController < Api::BaseController

  include Clerk::Authenticatable

  before_action :index

  def index
    Rails.logger.info "ClerkTest#index called for user_id=#{clerk&.user_id}"
    render json: { message: "Clerk test successful", user_id: clerk.user_id }
  end
end

The issue:

  1. When I hit /api/test with random text in the Authorization header, it works as expected.
  2. When I hit /api/test with a valid JWT, I get the following error:

RuntimeError (No Failure App provided)

I think Warden/Devise is intercepting the request before it can reach the controller. How do I stop Warden/Devise from intercepting it? I am using ActiveAdmin for admin authentication. I have tried skip_before_action :authenticate_admin_user! if defined?(authenticate_admin_user!), but in vain.

  • An example of the logged request as well as the full stack trace might be useful. Also, given that this seems to be directly related to the Clerk SDK, your configuration for Clerk might also help. Also, if you are customizing Devise in any way, please supply that information as well. Commented Sep 18 at 13:33
  • Warden expects a failure app to be configured. A failure app is a middleware that gets called when the authorization attempt fails, and it's responsible to redirect the user to the sign in page. My approach would be to step through the code, for example with a debugger, and look why under some circumstances there's no failure app set. Maybe in your setup, you set the failure app when the authorization is already failing, and you need to set it for any request. But that last part is mostly guesswork. Commented Oct 26 at 7:59
  • Did you find a solution? I am facing a similar problem in Rails 8.1 with Active Admin. Commented Nov 14 at 13:14
  • @Andrés, yes. I had to introduce a custom middleware on top of Active Admin to intercept the request and create a fake Warden object so that Warden is satisfied. Commented Nov 26 at 4:42
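
The failure-app mechanism described in the comments, as an added example that is not part of the original thread and is neither Warden's nor Clerk's code: a simplified model in which downstream code signals rejection with throw(:warden) and the manager either hands off to a failure app or raises. MiniManager, JSON_FAILURE_APP, API_APP, status_for and the token value are hypothetical names and constructed data.

```ruby
require "json"

# Simplified model of a Warden-style manager; not Warden's source code.
class MiniManager
  def initialize(app, failure_app: nil)
    @app = app
    @failure_app = failure_app
  end

  def call(env)
    # Downstream code signals an authentication failure with throw(:warden, opts).
    result = catch(:warden) { @app.call(env) }
    return result if result.is_a?(Array) # normal Rack response, pass it through

    # Anything else means the request was rejected downstream.
    raise "No Failure App provided" unless @failure_app

    @failure_app.call(env.merge("warden.options" => result || {}))
  end
end

# Failure app suited to an API: answer 401 JSON instead of redirecting to a sign-in page.
JSON_FAILURE_APP = lambda do |env|
  body = { error: "unauthorized", scope: env["warden.options"][:scope] }.to_json
  [401, { "content-type" => "application/json" }, [body]]
end

# Constructed endpoint: rejects any request lacking the expected bearer token.
API_APP = lambda do |env|
  throw(:warden, { scope: :api }) unless env["HTTP_AUTHORIZATION"] == "Bearer constructed-token"
  [200, { "content-type" => "application/json" }, [{ ok: true }.to_json]]
end

# Returns the HTTP status, or the error message if the manager raised.
def status_for(manager, header)
  manager.call("HTTP_AUTHORIZATION" => header).first
rescue RuntimeError => e
  e.message
end
```

The error only appears on the code path where something throws :warden while no failure app is configured, so the stack trace for the failing request shows which component is doing the throwing.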
