Issue with a custom logout route

Question

Issue with a custom logout route

vddgil opened this issue 2 years ago · comments

Gil Vandendriessche commented 2 years ago

Hello,

In my project, I need a custom logout route.
Here is my SessionsController including that route:

module Api
    class SessionsController < Api::BaseController
        def destroy
            authenticate_and_set_user
            blacklist_token
            render json: { success: true }
        end
    end
end

I can see in the log that the user is loaded, then the token is blacklisted but just after that, for whatever reason, I get JWT::InvalidJtiError (Missing jti) which raise a 500 error. I don't know why i get that, any idea ?

Thanks a lot for this awesome lib

Gokul Murali · Answer 1 · Wed Sep 07 2022 14:23:29 GMT+0800 (China Standard Time)

Can you share the route config and the full exception backtrace from log?

Gil Vandendriessche · Answer 2 · Wed Sep 07 2022 17:00:50 GMT+0800 (China Standard Time)

Hey @Gokul595,
Of course, here your are:

The route config:

Rails.application.routes.draw do
    constraints subdomain: "api" do
        .....
        api_guard_routes for: "users", only: [:tokens]
        .....
        scope module: "api", defaults: { format: "json" } do
            .....
            resource :sessions, only: [:create, :destroy, :show]
            .....
        end
    end
end

Here is a gist with the logs https://gist.github.com/vddgil/efd7dea8b307255c1695eddf1a15d090

Thanks a lot!

Gil Vandendriessche · Answer 3 · Wed Sep 07 2022 17:26:35 GMT+0800 (China Standard Time)

Ok, found the issue.
I still have devise-jwt Gem in my app. It was trying to do something in an after action.
Sorry for that, but it's working now :)
Thanks a lot !