Q: Getting NoAdapterAvailableError? (R: Check the declarations order in your Gemfile!)

[emirkin]

I am getting SimpleTokenAuthentication::NoAdapterAvailableError with Mongo 4.0.2

class Account
  include Mongoid::Document

  acts_as_token_authenticatable
  field :authentication_token
  ...

class ApplicationController < ActionController::Base
  acts_as_token_authentication_handler_for Account

[gonzalo-bulnes]

Hello @emirkin,

I think I know what's going on: does simple_token_authentication appear before mongoid in your Gemfile? Try swapping them.

# Gemfile

gem 'mongoid', '~> 4.0'
gem 'simple_token_authentication', '~> 1.0'

Why?

When you start your Rails app, the dependencies are required by Bundler, which loads them in the same order they are declared in the Gemfile (unless they depend one on another).

# config/application.rb

# Requiring 'mongoid' at this point would solve the issue too,
# but you don't want to do that if you can swap the gems in you Gemfile.
Bundler.require(*Rails.groups)
# ...

Simple Token Authentication in fact does not depend on Mongoid (you could be using Active Record) and Bundler has no reason to load them in any specific order, which is sad because by design the MongoidAdapter is not loaded unless the Mongoid constant is defined.

Please confirm to me that swapping does the trick!

[emirkin]

Ha! I have just discovered just that. I wish I've seen your note yesterday :-)

[emirkin]

@gonzalo-bulnes , can I ask you 2 questions while I have your attention?

1. How can I skip authentication (i.e. some equivalent of skip_before_filter :authenticate_account!)?
2. How can I specify that I want the auth token parameter to be named "authentication_token" (as it was implemented in Devise before)? In my case, I specifically want to preserve backward compatibility.

Thanks much!

[gonzalo-bulnes]

Hi @emirkin,

All questions are welcome! That being said, I'd prefer to continue the discussion in the corresponding issues to keep one topic per issue, I give you the pointers here (and, by the way, I'll edit this issue title to make is easier to find):

1. Yes, you can skip authentication using except and before options on your controllers. See Q: Using acts_as_token_authentication_handler_for in the base controller: how do I create exceptions? (R: :only/:except options are supported) #53
   Please note that the unless option is not supported as of v1.8.0 but will be soon (v1.9.0). I described, however, a workaround in Q: How do I do enable/disable token authentication depending on the controller reponse format? (R: The Rails Way!) #155 that you can use if you're in a hurry.
2. There is no way for now to customize the param names specifically. (The names of the headers, on the contrary, can be customized through the header_names option. Here is the relevant code, see the difference between the token_header_name and the token_param_name methods for example.)

About backward compatibility with the deprecated Devise token authentication behaviour: please note that providing the user email (or any kind of identifier - see the identifiers option) is mandatory for security reasons (more in this gist). That was not part of the Devise strategy behaviour I think, so full backward compatibility is not possible anyway unless I'm wrong. It's for the better!

Regards!