User not logged in after email confirmation

[smarquez1]

After registering a new user, and clicking on the confirmation link, the user is not logged in and the events 'auth:email-confirmation-success' , 'auth:email-confirmation-error' don't work.

The server does confirm the user and I can log in manually after this.

There are no visible js errors. Here's the rails output.

Started GET "/api/auth/confirmation?confirmation_token=abAsBkDwUYW8K6zDPV2k" for 127.0.0.1 at 2014-08-23 17:13:52 -0300
Processing by DeviseTokenAuth::ConfirmationsController#show as HTML
  Parameters: {"confirmation_token"=>"abAsBkDwUYW8K6zDPV2k"}
  User Load (0.2ms)  SELECT  "users".* FROM "users"  WHERE "users"."confirmation_token" = '58c57c0679304e4feec4e3aab44aef773bb5dc4cba577e3e05281120ea7f1e1c'  ORDER BY "users"."id" ASC LIMIT 1
   (0.1ms)  begin transaction
  SQL (0.5ms)  UPDATE "users" SET "confirmation_token" = ?, "confirmed_at" = ?, "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 7  [["confirmation_token", nil], ["confirmed_at", "2014-08-23 20:13:52.834105"], ["tokens", "{}"], ["updated_at", "2014-08-23 20:13:52.834758"]]
   (174.7ms)  commit transaction
   (0.1ms)  begin transaction
  SQL (0.2ms)  UPDATE "users" SET "confirmation_token" = ?, "tokens" = ?, "updated_at" = ? WHERE "users"."id" = 7  [["confirmation_token", "abAsBkDwUYW8K6zDPV2k"], ["tokens", "{\"rqqUfUebi27nfkms1Q95gg\":{\"token\":\"$2a$10$M7MLatfE53/oTzlAku7Z/.a8SKEZowRc0w3FIUnv1.4OeGKtDuHB.\",\"expiry\":1410034433}}"], ["updated_at", "2014-08-23 20:13:53.082659"]]
   (161.1ms)  commit transaction
Redirected to http://localhost:9000/?account_confirmation_success=true&client_id=rqqUfUebi27nfkms1Q95gg&expiry=1410034433&token=3soO5-IWmiuQEFXqPv96dQ&uid=xxx%40gmail.com#/users/new
Completed 302 Found in 415ms (ActiveRecord: 337.0ms)

[lynndylanhurley]

Thanks @smarquez1, I'll look into this now. Which version of Devise do you have installed?

[smarquez1]

devise 3.2.4, will also try devise 3.3.0. I think this have happened to me with older versions of the gem and ng library, but didn't have time to test.

[lynndylanhurley]

There's a known issue with devise 3.3.0 (documented here). It's probably safe to stick with 3.2.4 for now.

[smarquez1]

Cool, your gem does'nt allow me to update devise (as it should)

I'm using:
gem 'devise_token_auth', '0.1.26.beta3'
and
"ng-token-auth": "~0.0.20-beta3",

[lynndylanhurley]

@smarquez1 - there's a known issue with devise 3.3.0 so I locked the gem to 3.2.x.

I posted an issue with devise (heartcombo/devise#3163). Until the issue is resolved, this gem is not compatible with devise 3.3.x.

[lynndylanhurley]

@smarquez1 - I'm having trouble reproducing this bug. Can you please check the demo site and let me know if you can trigger the error there?

[smarquez1]

It does work at the demo site. I'll try to reproduce it locally on the demo site

[smarquez1]

@lynndylanhurley I tried using devise_token_auth_demo repo replacing my backend and the same happens, so my front-end must be misconfigured.
I'm learning to use angularjs right now so I don't have much experience. My frontend app is pretty much a default https://github.com/yeoman/generator-angular app if that helps.

[lynndylanhurley]

Your rails logs indicate that everything is working on the backend.

Can you post the code that you're using to subscribe to the auth:email-confirmation-success event?

[smarquez1]

Here you go:

$scope.$on("auth:email-confirmation-success", function(ev, data) {
    return $modal({
        title: "Success!",
        html: true,
        content: "<div id='alert-email-confirmation-success'>Welcome " + data.email + ". Your account has been successfully created." + "</div>"
    });
});

$scope.$on("auth:email-confirmation-error", function(ev, data) {
    return $modal({
        title: "Error!",
        html: true,
        content: "<div id='alert-email-confirmation-error'>Unable to confirm " +
            "your account. Request a password reset to verify your identity." + "</div>"
    });
});

[markusklooth]

@smarquez1 - I think I had a similar bug where it did not bind the events. Try setting validateOnPageLoad: false in your $authProvider.configure. That worked for me.

[lynndylanhurley]

This could be a scoping issue. Try using $rootScope.$on instead of $scope.$on.

[smarquez1]

@markusklooth , @lynndylanhurley - Tried both solutions with no luck. It's like the event doesn't get propagated.

[lynndylanhurley]

@smarquez1 - it could be that the scope that is bound to the event doesn't exist when the event is fired. Does this code run inside of a controller? If so, are you sure that the controller is available when the auth:email-confirmation-success event is fired?

Can you try binding the event within a run method? Something like this:

angular.module('myApp')
  .run(function($rootScope) {
    $rootScope.$on("auth:email-confirmation-success", function(ev, data) {
      $modal({
        title: "Success!",
        html: true,
        content: "<div id='alert-email-confirmation-success'>Welcome " + data.email + ". Your account has been successfully created." + "</div>"
      });
    });

    $rootScope.$on("auth:email-confirmation-error", function(ev, data) {
      $modal({
        title: "Error!",
        html: true,
        content: "<div id='alert-email-confirmation-error'>Unable to confirm " +
          "your account. Request a password reset to verify your identity." + "</div>"
      });
    });
  });

This will ensure that the code runs regardless of whether or not a controller is present.

[smarquez1]

@lynndylanhurley - The code runs inside a controller. The controller is available. Using the code you wrote I still have the same problem. I know it's a lot to ask, but do you think you can take a look at my repo too see what's wrong?

[lynndylanhurley]

@smarquez1 - no problem!! Add me as a collaborator and I'll take a look ASAP.

[smarquez1]

@lynndylanhurley - Invited! thanks so much for doing this

[lynndylanhurley]

@smarquez1 - I found the problem. It looks like angular is having trouble parsing the params from confirmation success redirect url.

This is the current redirect url:

http://localhost:9000/?account_confirmation_success=true&client_id=rqqUfUebi27nfkms1Q95gg&expiry=1410034433&token=3soO5-IWmiuQEFXqPv96dQ&uid=xxx%40gmail.com#/users/new

Everything works ok if the querystring is moved to the end:

http://localhost:9000/#/users/new?account_confirmation_success=true&client_id=rqqUfUebi27nfkms1Q95gg&expiry=1410034433&token=3soO5-IWmiuQEFXqPv96dQ&uid=xxx%40gmail.com

I'll continue to investigate why this is happening, and what can be done to prevent this issue. I'll get back to you later this afternoon.

[lynndylanhurley]

@smarquez1 - I just pushed a commit to your repo that updates the devise_token_auth gem to version 0.1.27.beta1. Please confirm that the issue is resolved.

[smarquez1]

It works! Thank you very much @lynndylanhurley. Will keep reporting bugs.

[lynndylanhurley]

Great! Thanks @smarquez1!

[bobzhang199102]

Hi @lynndylanhurley , I used the devise_token_auth, but when I click the link from my mailbox, it cannot work. The confirmation is not finished.