I have a react frontend that is sending AJAX requests to /users/sign_in
, except the react frontend can't access any of the Authorization headers that should be coming back.
I suspect it's because the rails backend is sending a 302 redirect on successful login.
I need access to the Authorization headers, and it seems that the frontend has no choice but to follow redirects.
Do I need to stop devise from redirecting on successful login, or is there some other reason my frontend is unable to see the Authorization headers?
I've installed a gem called devise-jwt
which adds an Authorization header to the response on successful login attempts.
I think you have to add the below code in your application.rb
config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource(
'*',
headers: :any,
expose: ["Authorization"],
methods: [:get, :patch, :put, :delete, :post, :options, :show]
)
end
end
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.