Ember POST 405 (Not Allowed) w/ Rails API

Question

I am getting a POST https://heroku_client_path.herokuapp.com/login 405 (Not Allowed) for an Ember.js app with a Rails api (both on heroku)

When processing a login or sign up. I feel the Request URL should be the heroku server path /login as I set my ADAPTER_URL heroku config var, and not the heroku client URL shown above.

I believe I have CORS setup correctly.

I am using Ember-CLI. I hand rolled the auth it is not Simple-Auth.

environment.js:

module.exports = function(environment) {
  var ENV = {
    modulePrefix: 'client-rantly',
    environment: environment,
    baseURL: '/',
    adapterURL: process.env.ADAPTER_URL,
    locationType: 'auto',
    EmberENV: {
      FEATURES: {
      }
    },
  }; 

  if (environment === 'development') {
  }

  if (environment === 'production') {   
  }

  return ENV;
};

adapters/application.js:

import DS from 'ember-data';
import ENV from '../config/environment';

export default DS.ActiveModelAdapter.extend({
  host: ENV.adapterURL || ENV.ADAPTER_URL,
  headers: function () {
    return {
      'auth_token': localStorage.getItem('authToken')
    };
  }.property('authToken')
});

brocfile.js

var EmberApp = require('ember-cli/lib/broccoli/ember-app');

var app = new EmberApp({
  dotEnv: {
    clientAllowedKeys: ['ADAPTER_URL']
  }
});
module.exports = app.toTree();

controllers/application.js

import Ember from 'ember';

export default Ember.Controller.extend({
  needs: ['search'],
  isAuthenticated: false,

  init: function() {
    var authToken = localStorage.getItem('authToken');
    if(authToken) {
      this.isAuthenticated = true;
    }
  },

  actions: {

    login: function () {
      var credentials = {
        email: this.get('email'),
        password: this.get('password')
      };

      this.set('errorMessage', null);
      return Ember.$.post('login', credentials).then(function(response){
        this.set('errorMessage', response.error);
        if (response.auth_token) {
          localStorage.setItem('authToken', response.auth_token);
          localStorage.setItem('userId', response.user_id);
          this.set('isAuthenticated', true);
          location.reload();
        }
      }.bind(this));
    },
  }
});

cors rails side - config/application.rb

require File.expand_path('../boot', __FILE__)
require 'rails/all'

Bundler.require(*Rails.groups)

module ServerRantly
  class Application < Rails::Application
    config.active_record.raise_in_transactional_callbacks = true
    config.autoload_paths << Rails.root.join('lib')

    config.middleware.insert_before 0, "Rack::Cors", :debug => true, :logger => (-> { Rails.logger }) do
      allow do
        origins '*'

        resource '/cors',
          :headers => :any,
          :methods => [:post],
          :credentials => true,
          :max_age => 0

        resource '*',
          :headers => :any,
          :methods => [:get, :post, :delete, :put, :options, :head],
          :max_age => 0
      end
    end
  end
end

Answer 1

On this line:

adapterURL: process.env.ADAPTER_URL

Where is process.env.ADAPTER_URL defined?

It seems like you are on the right track with overriding host on the ActiveModelAdapter adapter to use your non-client URL.