Auth.isAuthenticated() — service._currentUser is null

[kkirsche]

Hey guys,

So we are using angular_devise with our application and are trying to utilize the service.isAuthenticated function in devise.js beginning on line 183. The problem is that service._currentUser is null.

In an attempt to debug this on our end, I found that save which is supposed to be called on login line 158 in the then. The problem is that save expects the user argument. If I add save(user) in next .then block, isAuthenticated works.

E.g. Doesn't work:

return $http(httpConfig('login', creds)).then(service.parse).then(save).then(function (user) {
    if (withCredentials && !loggedIn) {
        return broadcast('new-session')(user);
    }
    return user;
    }).then(broadcast('login'));
},

Works:

return $http(httpConfig('login', creds)).then(service.parse).then(save).then(function (user) {
    save(user);
    if (withCredentials && !loggedIn) {
        return broadcast('new-session')(user);
    }
    return user;
    }).then(broadcast('login'));
},

Is there something we are doing wrong or is this an issue with angular_devise?

[jridgewell]

save will receive user from service.parse via the promise. Something else is the issue here. Can you post some more details?

[kkirsche]

So the issue is that a logged in user is being authenticated as false with the isAuthenticated() method. Upon investigation, this was because on login, the current user is not being set in the service.login() method.

We are logging in the user as such:

1.) Inject devise.js into controller as Auth
2.) On the login action (form submission), we do the following:

$scope.login = function() {
      console.log("Credentials: ", $scope.credentials);
      Auth.login($scope.credentials).then(function(user) {
        $scope.invalidLogin = false;
        $scope.multipleLoginAttempts = false;
      }, function(response) {
        $scope.invalidLogin = true;
        $scope.loginAttemptNumber += 1;
        if ($scope.loginAttemptNumber >= 3) {
          $scope.multipleLoginAttempts = true;
        }
      });
    };

1. This should have logged in the user, and on login,the angular_devise's, aka Auth's, Auth.login($scope.credentials)... should run the user save() which saves the current user for use by other functions such as isAuthenticated().
2. A question of if the user is authenticated exists, we direct them to a function which runs the aforementioned "Auth" devise service's "isAuthenticated()" method which checks !!service._currentUser.

The issue I'm having is that this check returns false because service._currentUser is equal to null. This should not be the case as we are logged in and can access protected areas of the application.

[kkirsche]

The pull requests which I sent (which I am sorry for submitting from the lib directory) fixed the fact that the user is not being saved to service._currentUser by calling the save(user) explicitly in the login() method's .then block

[jridgewell]

The spot you've made the change is directly after the promise chain saves the parsed user.

                return $http(httpConfig('login', creds))
                    .then(service.parse)
                    .then(save)
                    .then(function(user) {
                        save(user); // Unnecessary
                        // Broadcast stuff
                    }

I'm certain the user is being saved as is. I believe there is another issue, either do to async or due to the way you're testing the issue. If you (after undoing your changes) add the following then callback, does it output your user?

Auth.login(creds).then(function(user) {
    console.log(user);
    console.log(Auth.isAuthenticated());
});

This should return your user object, and true.

[arashm]

I have a similar problem. My app needs to be refreshed after log in so server can populate layout with some data related to user. Your example on previous comment work. But it doesn't after page refresh. While Auth.currentUser() returns the current_user on server but Auth._currentUser is still null and Auth.isAuthenticated() will return false in all cases.

This is what happens after refresh:

Auth.currentUser().then(function(user){
    console.log(user)
    // => Object { id: 28, first_name: null, last_name: null, customer_id: 1, status: "active",...}
})

console.log(Auth.isAuthenticated())
// => false

console.log(Auth)
// => Object { _currentUser: null, parse: AuthProvider/_parse(), login: AuthProvider/this.$get</service.login(),...}

[arashm]

I was wrong actually. Auth.isAuthenticated() is called before currentUser() get resolved.

[RooTooZ]

👍