404 POST http://localhost:3000/users/sign_in 401 (Unauthorized) (EDİTED)


I have found series of good tutorials for auth.I have implemented them.And they almost perfectly good to go except one little problem.I have got the error in title.I have followed along with this http://romulomachado.github.io/2015/09/28/using-ember-simple-auth-with-devise.html so you can have an idea how the code looks like.In rails part not much going on.Added active_model_serializer and rack-cors.Configured a json_api.rb.That’s it.

Weird Part is

It is actually able to post to proper url, but can’t proceed because of this error.Here are the repos so maybe it will give you guys a better idea about the problem.

Please help me solve this authentication problem.Auth has been bugging me for 3 week.


The error doesn’t help. It’s probably something that goes away after restarting your server.

Implementing authentication should be quite simple and take like an hour. Have a look here: https://emberigniter.com/real-world-authentication-with-ember-simple-auth/

If you have problems, try logging on to the ember slack and asking in #help



Try to update your application adapter as follow

import DataAdapterMixin from 'ember-simple-auth/mixins/data-adapter-mixin';

export default DS.JSONAPIAdapter.extend(DataAdapterMixin, {
  session    : Ember.inject.service(),
  authorizer : 'authorizer:application',

And, If you still have same issue. Just spent some time on below links.

  1. https://github.com/simplabs/ember-simple-auth
  2. https://github.com/simplabs/ember-simple-auth/tree/master/tests/dummy


I will try and leave a feedback :slight_smile: Thanks


So, is it enough to do only client side auth?


No, client side auth adds zero security and is pointless


Client side auth is needed in case you go off-line first but still want to visit the secret route on the plane.


Yes you are right.I have done some research and almost solved auth problem.But 1 small problem popped up.Can you please take a look?


Client side auth does nothing here to actually provide any security. It does nothing to prevent anyone actually visiting that route.