Develop Reference

Rails 6 session variables not persisting

I have a relatively new Rails 6 app (Rails 6.1.3.1), so there's not a whole lot of customization yet. However, I cannot get session variables to persist.
For example, if I put something like the following in a controller action:
class PagesController < ApplicationController
skip_before_action :authenticate_user!
def home
byebug
session[:foo] = 'bar'
end
end
I would expect session[:foo] to be nil on the first request, but I would expect it to be set to 'bar' on all subsequent requests. However, it's nil every time.
This is causing a major problem with CSRF functionality, because the session[:_csrf_token] is being reset on every request. This means that no request has a valid CSRF token, so I can't get login to work.
For the life of me, I cannot figure out what is going on. I've tried monkeying around with browser settings and environment settings, but nothing has worked.
I've been banging my head on this for a couple days now. What am I missing? What might cause the session to be reset on every request?
Here is some more context:
# Gemfile
source 'https://rubygems.org'
git_source(:github) { |repo| "https://github.com/#{repo}.git" }
ruby '3.0.1'
gem 'rails', '6.1.3.1'
gem 'pg'
gem 'puma'
gem 'bootsnap', require: false
gem 'jbuilder'
gem 'webpacker'
gem 'redis'
gem 'autoprefixer-rails'
gem 'aws-sdk-s3'
gem 'delayed_job_active_record'
gem 'devise'
gem 'image_processing'
gem 'kaminari'
gem 'money-rails'
gem 'pg_search'
gem 'postmark-rails'
gem 'pundit'
gem 'roadie-rails'
gem 'rollbar'
gem 'sassc-rails'
gem 'tailwindcss-rails'
gem 'view_component', require: 'view_component/engine'
group :development, :test do
gem 'byebug'
end
group :development do
gem 'guard'
gem 'guard-minitest'
gem 'binding_of_caller'
gem 'listen'
gem 'spring'
gem 'web-console'
end
group :test do
gem 'capybara'
gem 'minitest-focus'
gem 'minitest-rails'
gem 'minitest-reporters'
gem 'mocha'
gem 'pdf-inspector'
gem 'selenium-webdriver'
gem 'rexml'
gem 'webdrivers'
end
group :development, :production do
gem 'stripe'
end
# application.rb
require_relative "boot"
require "rails/all"
# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)
class Env
def self.var(*args)
var = args.join('_').upcase
ENV[var] || Rails.application.credentials[Rails.env.to_sym].dig(*args)
end
end
module Foobar
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
config.load_defaults 6.1
# Configuration for the application, engines, and railties goes here.
#
# These settings can be overridden in specific environments using the files
# in config/environments, which are processed later.
#
# config.time_zone = "Central Time (US & Canada)"
# config.eager_load_paths << Rails.root.join("extras")
config.autoload_paths += %W( #{config.root}/app/components )
config.autoload_paths += %W( #{config.root}/app/forms )
config.autoload_paths += %W( #{config.root}/app/utilities )
# Look in components folder when determining which classes to include.
config.assets.css_compressor = Tailwindcss::Compressor.new(files_with_class_names: Rails.root.glob("app/components/**/*.*"))
end
end
# application_controller.rb
class ApplicationController < ActionController::Base
include Pundit
protect_from_forgery with: :reset_session, prepend: true
before_action :authenticate_user!
default_form_builder Forms::Builder
attr_writer :title
helper_method :body_class, :title
def authorize(record, query = nil)
super([:authorization, record], query)
end
def body_class
"#{params[:controller].gsub('/', '_')}"
end
def policy_scope(scope)
super([:authorization, scope])
end
def title
#title || default_title
end
private
def default_title
controller_name.singularize.humanize.capitalize
end
end
# development.rb
require "active_support/core_ext/integer/time"
Rails.application.configure do
config.session_store :cache_store
# Settings specified here will take precedence over those in config/application.rb.
# In the development environment your application's code is reloaded any time
# it changes. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
# Do not eager load code on boot.
config.eager_load = false
# Show full error reports.
config.consider_all_requests_local = true
# Enable/disable caching. By default caching is disabled.
# Run rails dev:cache to toggle caching.
if Rails.root.join('tmp', 'caching-dev.txt').exist?
config.action_controller.perform_caching = true
config.action_controller.enable_fragment_cache_logging = true
config.cache_store = :memory_store
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{2.days.to_i}"
}
else
config.action_controller.perform_caching = false
config.cache_store = :null_store
end
# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local
# Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false
config.action_mailer.perform_caching = false
config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
# Raise exceptions for disallowed deprecations.
config.active_support.disallowed_deprecation = :raise
# Tell Active Support which deprecation messages to disallow.
config.active_support.disallowed_deprecation_warnings = []
# Raise an error on page load if there are pending migrations.
config.active_record.migration_error = :page_load
# Highlight code that triggered database queries in logs.
config.active_record.verbose_query_logs = true
# Debug mode disables concatenation and preprocessing of assets.
# This option may cause significant delays in view rendering with a large
# number of complex assets.
config.assets.debug = false
# Suppress logger output for asset requests.
config.assets.quiet = true
# Raises error for missing translations.
# config.i18n.raise_on_missing_translations = true
# Annotate rendered view with file names.
# config.action_view.annotate_rendered_view_with_filenames = true
# Use an evented file watcher to asynchronously detect changes in source code,
# routes, locales, etc. This feature depends on the listen gem.
config.file_watcher = ActiveSupport::EventedFileUpdateChecker
# Uncomment if you wish to allow Action Cable access from any origin.
# config.action_cable.disable_request_forgery_protection = true
end

Ok, found the problem. Turns out that I had copied the setting config.session_store :cache_store in development.rb from a different project I had been working on. However, this setting was added as part of the StimulusReflex setup for that other project.
From the StimulusReflex docs:
Cookie-based session storage is not currently supported by StimulusReflex.
Instead, we enable caching in the development environment so that we can assign our user session data to be managed by the cache store.
The default setting for this option is cookie_store. By changing it to :cache_store without specifying a cache repo, it implements ActionDispatch::Session::CacheStore and defaults to storing it in Rails.cache, which uses the :file_store option, which dumps it in tmp/cache.
However, further down in development.rb, there is some conditional logic that assigns config.cache_store to :null_store if there is no caching-dev.txt file. This implements ActiveSupport::Cache::NullStore, which is "a cache store implementation which doesn't actually store anything."
So because I had not enabled caching with rails dev:cache for this project, the session cache was getting toasted with every request.
LESSON LEARNED: Be very careful when copying config settings from an old project to a new one!

Rails 4: assets on Heroku

I have deployed my app to heroku, but some assets are not loading, e.g.:
GET https://myapp.herokuapp.com/javascripts/s3_direct_upload.js - 404
GET https://myapp.herokuapp.com/stylesheets/s3_direct_upload_progress_bars.css - 404
the problem is in precompile, I have to add every file manually to assets.rb
but I don't really want to do it, because there are many of them
in my assets.rb I tried:
Rails.application.config.assets.precompile << Proc.new { |path|
if path =~ /\.(css|js)\z/
full_path = Rails.application.assets.resolve(path).to_path
app_assets_path = Rails.root.join('app', 'assets').to_path
if full_path.starts_with? app_assets_path
puts "including asset: " + full_path
true
else
puts "excluding asset: " + full_path
false
end
else
false
end
}
and:
Rails.application.config.assets.precompile = false
but it's not working
I've added to application.rb
config.serve_static_files = true
also, //=require from my precompilled assets are not included into header
everything works good in dev environment on my laptop
what do I need to change to make it work in production?
Update
I use helper, to include some js and css files in views:
def javascript(*files)
content_for(:foot) { javascript_include_tag(*files) }
end
and in my view I have:
<% stylesheet 's3_direct_upload_progress_bars' %>
<% javascript 's3_direct_upload', 'init.script.js' %>
assets from gem s3_direct_upload are not loading
init.script.js is located in assets/javascripts, so it is loading as it should be
another problem, in my application.js I have:
//= require jquery
//= require jquery.slicknav.min.js
$(function ()
{
$('#menu').slicknav();
});
after assets:precompile it looks okay, but in console I have error:
$(...).slicknav is not a function
so it was compiled wrong? everything works good in development environment
Update 2
Ignore the second problem, I found second require for jquery, it caused this error
but I still can't include assets from gem without precompile,
can I somehow disable this behavior? I just want include some assets for specific actions without headache

By default Rails 4 will not serve your assets. To enable this functionality you need to go into config/application.rb and add this line:
config.serve_static_assets = true
Alternatively you can achieve the same result by including the rails_12factor gem in your Gemfile:
gem 'rails_12factor', group: :production
This gem will configure your application to serve static assets so that you do not need to do this manually in a config file.
Hope this will work for you.

Rails App On Heroku - Status 500 Error => Blank White Page

I have a Rails app on Heroku staging server and everything has gone well except for the error pages aren't working. Every time I get a "status: 500" error, it results in a blank white page, NOT the 500.html static error page.
I have a static 500.html page in the my_app/public folder, and I can access it in heroku if I try to do so directly via myapp.herokuapp.com/500. It will display fine then. But if I get a real "status: 500" error in the program, it will not render the 500.html page... rather, it renders a blank white page.
To create an error, I attempted to go to a non-existent page.
The logs indicate that the "status: 500" error has occured, but again, white page. Here is part of the output from the logs:
heroku[router]: at=info method=GET path="/fakepage" host=myapp.herokuapp.com request_id=20825-b474-4e-37f-c52486140 fwd="67.xxx.xxx.x" dyno=web.1 connect=1ms service=108ms status=500 bytes=949
Started GET "/fakepage" for xx.xxx.xxx.x at 2014-08-24 03:50:31 +0000
app[web.1]: ** [Raven] User excluded error: #<ActionController::RoutingError: No route matches [GET] "/fakepage">
In the config/environment/staging.rb I have the following:
config.consider_all_requests_local = false
config.serve_static_assets = true #after the default of false didn't work
It seems like this shouldn't be one of those "tough issues"... and not finding any prior posts or articles that directly related to my question makes me think it must be something inane on my part. I'm currently running Ruby 2.0.0p451 & Rails 4.1.1. I have Sentry setup through heroku for monitoring errors. Let me know if there's any other useful info I could provide.
EDIT
I should mention that my Gemfile looks like this:
source 'https://rubygems.org'
ruby '2.0.0'
gem 'rails' #, '4.1.1'
gem 'bcrypt'
gem 'bootstrap_form'
gem 'bootstrap-sass'
gem 'carrierwave'
gem 'coffee-rails'
gem 'dropzonejs-rails'
gem 'email_validator'
gem 'fog'
gem 'geocoder'
gem 'haml-rails'
gem 'jquery-rails'
gem 'jquery-turbolinks'
gem 'jquery-ui-rails'
gem 'mini_magick'
gem 'paratrooper'
gem 'sass-rails'
gem 'sidekiq'
gem 'sinatra', require: nil
gem 'turbolinks'
gem 'uglifier'
gem 'unicorn'
group :production, :staging do
gem 'pg'
gem 'rails_12factor'
gem 'sentry-raven'
end
That is, I do have the gem 'rails_12factor' in the correct group for both staging & production environments as noted in a similar question regarding serving static assets in heroku with Rails4... essentially what an error page would be doing.
I have the app setup to run multiple processes through Unicorn, and have Unicorn temporarily setup to handle Sidekiq processes internally while the app is in testing (to avoid a second dyno). Also running Redis.
config/environments/staging.rb
Rails.application.configure do
config.cache_classes = true
config.eager_load = true
config.consider_all_requests_local = false
config.action_controller.perform_caching = true
config.serve_static_assets = true
config.assets.js_compressor = :uglifier
config.assets.compress = true
config.assets.compile = true #WAS FALSE
config.assets.digest = true
config.assets.version = '1.0'
config.action_mailer.default_url_options = { host: "..." }
config.action_mailer.delivery_method = :smtp
ActionMailer::Base.smtp_settings = {
:port => ENV['MAILGUN_SMTP_PORT' ],
:address => ENV['MAILGUN_SMTP_SERVER' ],
:user_name => ENV['MAILGUN_SMTP_LOGIN' ],
:password => ENV['MAILGUN_SMTP_PASSWORD'],
:domain => '...',
:authentication => :plain }
config.log_level = :info #see everything in the log
config.i18n.fallbacks = true
config.log_formatter = ::Logger::Formatter.new
config.action_dispatch.show_exceptions = false #per sentry-raven docs
config.active_record.dump_schema_after_migration = false
config.active_support.deprecation = :notify #send to registered listeners

I finally got to the bottom of the issue.
The conclusion is that Heroku will serve the basic error pages when a status error (404, 500, etc) happens in a vanilla Rails application without any custom classes. After I determined that, it helped direct the diagnosis.
Looking through the config/environments/staging.rb code, I saw the LOC that sentry-raven stipulated in their docs should be set to false:
config.action_dispatch.show_exceptions = false #per sentry-raven docs
After setting this back to true, the status error pages started functioning:
config.action_dispatch.show_exceptions = true #status error pages work again!
So, I may have been misunderstanding sentry-raven's docs & incorporating it incorrectly into the Rails app configs, or something otherwise, but that's what the issue turned out to be.
So, if you your Heroku hosted Rails app is performing fine and then runs into the "white screen of death" upon any status error, this is one more thing to check in your attempts to diagnose.

What's the file difference between rails 3.2.0 and 3.2.7? (re: upgrading)

I want to upgrade from rails 3.2.0 to 3.2.7 and I am looking for a comprehensive listing of app-context file changes between the two.

The following is an annotated recursive diff of a rails 3.2.0 app and a rails 3.2.7 app, excluding Gemfile.lock and config/initializers/secret_token.rb. To upgrade, make these changes and run bundle update.
By the way, here are the intermediary release announcements: 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6.
Gemfile
diff --recursive rails-3.2.0/depot/Gemfile rails-3.2.7/depot/Gemfile
3c3
< gem 'rails', '3.2.0'
---
> gem 'rails', '3.2.7'
18c18
< # gem 'therubyracer'
---
> # gem 'therubyracer', :platforms => :ruby
31c31
< # Use unicorn as the web server
---
> # Use unicorn as the app server
38c38
< # gem 'ruby-debug19', :require => 'ruby-debug'
---
> # gem 'debugger'
app/assets/stylesheets/application.css -- add space (cosmetic)
diff --recursive rails-3.2.0/depot/app/assets/stylesheets/application.css rails-3.2.7/depot/app/assets/stylesheets/application.css
13c13
< */
---
> */
config/application.rb -- add config lines (read about whitelist_attributes here)
diff --recursive rails-3.2.0/depot/config/application.rb rails-3.2.7/depot/config/application.rb
41a42,44
> # Enable escaping HTML in JSON.
> config.active_support.escape_html_entities_in_json = true
>
51c54
< # config.active_record.whitelist_attributes = true
---
> config.active_record.whitelist_attributes = true
config/environments/production.rb -- change comment
diff --recursive rails-3.2.0/depot/config/environments/production.rb rails-3.2.7/depot/config/environments/production.rb
23c23
< # Defaults to Rails.root.join("public/assets")
---
> # Defaults to nil and saved in location specified by config.assets.prefix

If you're looking for an exact file difference, you can use Github to compare the tags:
https://github.com/rails/rails/compare/v3.2.0...v3.2.7#files_bucket

Try pkgdiff tool to create visual diffs for rails packages. To create the one for 3.2.0 and 3.2.7 run:
$ pkgdiff -old rails-3.2.0-0-gf36dcaf.tar.gz -new rails-3.2.7-0-gd1b9cf2.tar.gz
The output is this HTML report.

rails 3.1.0 ActionView::Template::Error (application.css isn't precompiled)

I made a basic rails app with a simple pages controller with an index function and when I load the page I get:
ActionView::Template::Error (application.css isn't precompiled):
2: <html>
3: <head>
4: <title>Demo</title>
5: <%= stylesheet_link_tag "application" %>
6: <%= javascript_include_tag "application" %>
7: <%= csrf_meta_tags %>
8: </head>
app/views/layouts/application.html.erb:5:in `_app_views_layouts_application_html_erb__43625033_88530400'
Gemfile
source 'http://rubygems.org'
gem 'rails', '3.1.0'
# Bundle edge Rails instead:
# gem 'rails', :git => 'git://github.com/rails/rails.git'
gem 'sqlite3'
gem 'execjs'
gem 'therubyracer'
# Gems used only for assets and not required
# in production environments by default.
group :assets do
gem 'sass-rails', " ~> 3.1.0"
gem 'coffee-rails', "~> 3.1.0"
gem 'uglifier'
end
gem 'jquery-rails'
# Use unicorn as the web server
# gem 'unicorn'
# Deploy with Capistrano
# gem 'capistrano'
# To use debugger
# gem 'ruby-debug19', :require => 'ruby-debug'
group :test do
# Pretty printed test output
gem 'turn', :require => false
end

By default Rails assumes that you have your files precompiled in the production environment, if you want use live compiling (compile your assets during runtime) in production you must set the config.assets.compile to true.
# config/environments/production.rb
...
config.assets.compile = true
...
You can use this option to fallback to Sprockets when you are using precompiled assets but there are any missing precompiled files.
If config.assets.compile option is set to false and there are missing precompiled files you will get an "AssetNoPrecompiledError" indicating the name of the missing file.

You will get better performance in production if you set config.assets.compile to false in production.rb and precompile your assets. You can precompile with this rake task:
bundle exec rake assets:precompile
If you are using Capistrano, version 2.8.0 has a recipe to handle this at deploy time. For more info, see the "In Production" section of the Asset Pipeline Guide:
http://guides.rubyonrails.org/asset_pipeline.html

OK - I had the same problem. I didn't want to use "config.assets.compile = true" - I had to add all of my .css files to the list in config/environments/production.rb:
config.assets.precompile += %w( carts.css )
Then I had to create (and later delete) tmp/restart.txt
I consistently used the stylesheet_link_tag helper, so I found all the extra css files I needed to add with:
find . \( -type f -o -type l \) -exec grep stylesheet_link_tag {} /dev/null \;

A quick fix for capistrano user is to put this line to Capfile
# Uncomment if you are using Rails' asset pipeline
load 'deploy/assets'

For all those who are reading this but do not have problem with application.css and instead with their custom CSS classes e.g. admin.css, base.css etc.
Solution is to use as mentioned
bundle exec rake assets:precompile
And in stylesheets references just reference application.css
<%= stylesheet_link_tag "application", :media => "all" %>
Since assets pipeline will precompile all of your stylesheets in application.css. This also happens in development so using any other references is wrong when using assets pipeline.

I was having the exact same error in my development environment. In the end all I needed to do in order to fix it was to add:
config.assets.manifest = Rails.root.join("public/assets")
to my config/environments/development.rb file and it fixed it. My final config in development related to assets looks like:
config.assets.compress = false
config.assets.precompile += %w[bootstrap-alerts.js] #Lots of other space separated files
config.assets.compile = false
config.assets.digest = true
config.assets.manifest = Rails.root.join("public/assets")
config.assets.debug = true

I also had this issue, where trying to run in production without precompiling it would still throw not-precompiled errors. I had to change which line was commented application.rb:
# If you precompile assets before deploying to production, use this line
# Bundler.require(*Rails.groups(:assets => %w(development test)))
# If you want your assets lazily compiled in production, use this line
Bundler.require(:default, :assets, Rails.env)

Here's the quick fix:
If you're using capistrano do this add this to your deploy.rb:
after 'deploy:update_code' do
run "cd #{release_path}; RAILS_ENV=production rake assets:precompile"
end
cap deploy

I ran into this error message today and wanted to post the resolution to my particular my case. It turns out that my problem was that one of my css files was missing a closing brace and this was causing the file to not be compiled. It may be harder to notice this if you have an automated process that sets everything up (including the asset precompile) for your production environment.

After all else failed...
My solution was to change the layout file from
= stylesheet_link_tag "reset-min", 'application'
to
= stylesheet_link_tag 'application'
And it worked! (You can put the reset file inside the manifest.)

Just another way to fix this up on Heroku: Make sure your Rakefile is committed and pushed.

On heroku server (readonly filesystem),
If you want runtime compilation of css (its not recommended but you can do it), make sure you have done settings like below -
# inside config/application.rb
config.assets.enabled = true
config.assets.prefix = Rails.root.join('tmp/assets').to_s
# If you are using sass then keep gem outside of asset group
gem 'sass-rails', '3.1.4'
# inside config/environments/production.rb
config.assets.compile = true

if you think you followed everything good but still unlucky, just make sure you/capistrano run touch tmp/restart.txt or equivalent at the end. I was in the unlucky list but now :)

You probably have a syntax error in the css you are using.
Run this command
$ bundle exec rake assets:precompile RAILS_ENV=development --trace
It will give the exception, fixed that and you are all done.
Thanks