When try to edit comment i am getting this error
422
Invalid form authenticity token.
log/production.log says
Rendered journals/_notes_form.html.erb (3.2ms)
Rendered journals/edit.js.erb (3.6ms)
Completed 200 OK in 29ms (Views: 4.2ms | ActiveRecord: 2.6ms)
Started POST "/journals/edit/178" for 39.32.17.135 at 2015-05-22 01:20:09 +0000
Processing by JournalsController#edit as HTML
Parameters: {"utf8"=>"✓", "notes"=>"mynotes", "commit"=>"Save", "id"=>"178"}
Can't verify CSRF token authenticity
Rendered common/error.html.erb within layouts/base (0.2ms)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 422 Unprocessable Entity in 9ms (Views: 6.7ms | ActiveRecord: 0.2ms)
Related
I'm using rails 3.2 and Devise 3.4.1.
On development environment all is working great but on production I'm getting this:
Started POST "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:04:58 +0000
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"PGRrSKfVz8fZiv1a1qBJN2TzmFRAvUgEfYRpmdWiPWk=", "user"=>{"email"=>"email#email.com", "password"=>"[FILTERED]"}, "commit"=>"Log in"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'email#email.com' LIMIT 1
(0.2ms) BEGIN
(0.5ms) UPDATE `users` SET `last_sign_in_at` = '2015-01-18 15:04:53', `current_sign_in_at` = '2015-01-18 15:04:59', `sign_in_count` = 25, `updated_at` = '2015-01-18 15:04:59' WHERE `users`.`id` = 2
(1.2ms) COMMIT
Redirected to http://subdomain.domain.com/
Completed 302 Found in 100.0ms (ActiveRecord: 0.0ms)
Started GET "/" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Started GET "/authorized" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Processing by AuthorizedController#index as HTML
Completed 401 Unauthorized in 0.3ms
Started GET "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:05:00 +0000
Processing by SessionsController#new as HTML
Rendered devise/shared/_links.html.erb (0.1ms)
Rendered devise/sessions/new.html.erb (4.0ms)
Completed 200 OK in 5.3ms (Views: 4.5ms | ActiveRecord: 0.0ms)
as you can see the user is being authorised but signing out immediately after that.
help?
well, the CDN just blocked Devise's cookie so it's solved now
thank you all!
My problem is that I do not see any error messages when Devise sign in failed. When this happens I got redirected to Devise::SessionsController#new which is not setting any errors
Started POST "/users/sign_in" for 127.0.0.1 at 2014-08-17 06:30:59 +0300
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"4ZgT4DtyyNYNGHRbwCVASolL3CQEqIeMtPlOOy7EBik=", "user"=>{"username"=>"setdddd", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Войти"}
Completed 401 Unauthorized in 3ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"4ZgT4DtyyNYNGHRbwCVASolL3CQEqIeMtPlOOy7EBik=", "user"=>{"username"=>"setdddd", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Войти"}
[]
Rendered devise/shared/_links.erb (0.1ms)
Rendered devise/sessions/new.html.erb within layouts/application (40.0ms)
Rendered application/_header.erb (0.5ms)
Rendered application/_footer.erb (0.0ms)
Completed 200 OK in 50ms (Views: 47.8ms | ActiveRecord: 0.0ms)
So the question is are there any switches in devise configuration that allow me to show error message to user, not just a redirect?
Are you outputting your flash messages where appropriate? It looks like devise sets flash[:notice] and flash[:alert] depending on the situation (i.e. failed login, etc). It's up to you to ensure that you output those values to your page. See the devise README for more details.
Devise is acting weird for the first time each day when a User tries to create a new User in our project. This is the server log from the exact moment the user clicks on the confirm link:
Started GET "/users/confirmation?confirmation_token=3F367iMzUm5y3ohbkykM" for 199.116.169.254 at 2014-07-22 15:34:29 +0000
Processing by Devise::ConfirmationsController#show as */*
Parameters: {"confirmation_token"=>"3F367iMzUm5y3ohbkykM"}
Redirected to http://qa.nearshoreconnect.com/users/sign_in
Completed 302 Found in 228ms (ActiveRecord: 2.2ms)
Started GET "/users/sign_in" for 199.116.169.254 at 2014-07-22 15:34:29 +0000
Processing by Devise::SessionsController#new as */*
Rendered layouts/_errors.html.erb (0.1ms)
Rendered devise/sessions/new.html.erb within layouts/application (6.1ms)
Rendered layouts/_shim.html.erb (0.4ms)
Rendered layouts/_search_box.html.erb (1.2ms)
Rendered layouts/_header_internet.html.erb (9.6ms)
Rendered layouts/_footer_internet.html.erb (1.4ms)
Completed 200 OK in 29ms (Views: 27.5ms | ActiveRecord: 0.0ms | Solr: 0.0ms)
Started GET "/users/confirmation?confirmation_token=3F367iMzUm5y3ohbkykM" for 201.234.55.21 at 2014-07-22 15:34:30 +0000
Processing by Devise::ConfirmationsController#show as HTML
Parameters: {"confirmation_token"=>"3F367iMzUm5y3ohbkykM"}
Rendered layouts/_errors.html.erb (0.7ms)
Rendered devise/confirmations/new.html.erb within layouts/application (3.9ms)
Rendered layouts/_shim.html.erb (0.4ms)
Rendered layouts/_search_box.html.erb (1.0ms)
Rendered layouts/_header_internet.html.erb (2.6ms)
Rendered layouts/_footer_internet.html.erb (1.3ms)
Completed 200 OK in 18ms (Views: 14.1ms | ActiveRecord: 0.3ms | Solr: 0.0ms)
Started GET "/assets/font.css" for 201.234.55.21 at 2014-07-22 15:34:30 +0000
Served asset /font.css - 304 Not Modified (0ms)
The validation token is checked twice. I'm overriding the confirm function in my User model. Is that the problem? The code:
def confirm!
super
send_welcome_mail
end
I'm a redmine user.When the banner is enabled the EVM plugin is not working.The log is below.Any one please suggest a solution for working the plugin without disabling the banner
Started GET "/redmine/admin/plugins" for 10.222.185.22 at 2014-03-10 06:42:05 +0000
Processing by AdminController#plugins as HTML
Current user: admin (id=1)
Rendered admin/plugins.html.erb within layouts/admin (10.8ms)
Rendered admin/_menu.html.erb (12.7ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (8.2ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (9.2ms)
Rendered layouts/base.html.erb (45.6ms)
Completed 200 OK in 93ms (Views: 80.7ms | ActiveRecord: 3.3ms)
Started GET "/redmine/settings/plugin/redmine_banner" for 10.222.185.22 at 2014-03-10 06:42:09 +0000
Processing by SettingsController#plugin as HTML
Parameters: {"id"=>"redmine_banner"}
Current user: admin (id=1)
Rendered plugins/redmine_banner/app/views/settings/_redmine_banner.html.erb (10.2ms)
Rendered plugins/scrum2b/app/views/settings/plugin.html.erb within layouts/admin (11.9ms)
Rendered admin/_menu.html.erb (5.9ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (2.2ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (2.7ms)
Rendered layouts/base.html.erb (18.9ms)
Completed 200 OK in 43ms (Views: 37.5ms | ActiveRecord: 1.6ms)
Started GET "/redmine/admin" for 10.222.185.22 at 2014-03-10 06:45:54 +0000
Processing by AdminController#index as HTML
Current user: admin (id=1)
Rendered admin/_menu.html.erb (13.4ms)
Rendered admin/index.html.erb within layouts/admin (14.8ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (7.7ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (8.6ms)
Rendered layouts/base.html.erb (41.8ms)
Completed 200 OK in 70ms (Views: 57.4ms | ActiveRecord: 3.6ms)
The problem I'm having seems to be that Devise's authenticate_#{role}! method is hijacking my registration attempt.
Started GET "/client/sign_up" for 127.0.0.1 at 2012-01-14 12:02:52 +0000
Processing by Client::RegistrationsController#new as HTML
Rendered /Users/robertwwhite/.rvm/gems/ruby-1.9.2-p290/gems/devise-1.5.3/app/views/devise/shared/_links.erb (1.4ms)
Rendered client/registrations/new.html.haml within layouts/application (97.6ms)
Rendered client/_navigation.html.haml (1.6ms)
Rendered shared/_flash_messages.html.haml (0.1ms)
Completed 200 OK in 126ms (Views: 116.4ms | ActiveRecord: 7.2ms)
Started POST "/client" for 127.0.0.1 at 2012-01-14 12:02:58 +0000
Processing by WishesController#index as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"vq3wgsQeb4eoxhb3sw2Q2kd4edIoOxIfrzJ/WzJUAn0=", "client"=>{"email"=>"bacon#example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
Completed 401 Unauthorized in 13ms
Started GET "/client/sign_in" for 127.0.0.1 at 2012-01-14 12:02:58 +0000
Processing by Client::SessionsController#new as HTML
Rendered /Users/robertwwhite/.rvm/gems/ruby-1.9.2-p290/gems/devise-1.5.3/app/views/devise/shared/_links.erb (1.0ms)
Rendered client/sessions/new.html.haml within layouts/application (16.5ms)
Rendered client/_navigation.html.haml (1.5ms)
Rendered shared/_flash_messages.html.haml (0.3ms)
Completed 200 OK in 60ms (Views: 38.6ms | ActiveRecord: 6.4ms)
I've tried overriding the after_signup_path_for(resource_or_scope) but it seems to be getting ignored.
# app/controllers/application_controller.rb
def after_sign_up_path_for(resource_or_scope)
random_path
end
So as it stands users can't register to the site in the first place. Any ideas?
Have you checked to make sure non of your routes are overriding the default devise routes/methods?
Edited by HaaR for clarity of users with similar problem:
I had the following in my config/routes.rb above my devise_for methods.
match "client" => "wishes#index"
Which was overriding Devise's
devise_for :clients, :path => :client
By moving it below, it gives Devise priority, and still passes the get request to the appropriate controller and action without hijacking the POST requests.