[Ruby] How to disable Set-Cookie from API on the front side

1 minute read

background

devise-token-auth to create a mobile app version of a Rails web app created using devise When I try to enable token authentication with lynndylanhurley / devise_token_auth), the cookie works and another user information is returned.

What i was doing

I was checking the endpoint created by devise-token-auth by hitting it from the front.
If I hit it directly with curl, it would work …

solution

import { NativeModules } from 'react-native';

NativeModules.Networking.clearCookies(() => { });

The reference article is as it is, but if you do this on the front side (React Native), the cookie sent from the API will be cleared on the front side and it will work as expected.

This time it was supported on the front side, but it seems that it can also be supported by overriding the devise-token-auth controller on the back end side.

Why cookies were stored

It seems that native apps store cookies by default.
By the way, although Cookies can not be used by default in Rails API mode, this time I was trying to add token authentication to an existing web application with devise-token-auth, so cookies are being passed. It was.

Reference article

https://qiita.com/kakken1988/items/504e679504b9e710cf21

By the way

We are making an album / photo sharing service called Memopic. Please use it!
If you have any opinions or requests, please contact us here ([email protected]).

Not only here, but also when introducing devise-token-auth, I was a little addicted to coexisting with devise, so I will write an article about it soon ~

We look forward to your suggestions and opinions!