401 Unauthorized using devise after adding theme - ruby-on-rails

I have the error Completed 401 Unauthorized in 99.0ms after adding a template in rails 3.2 app and i was signing in from /users/sign_in URL.
Also, i did not change anything like authenticate by "name" but using the defaults authentication by email address.
Does anyone encounter this problem when signing in?
The error is:
Started POST "/users/sign_in" for 127.0.0.1 at 2014-08-05 12:04:19 +0800
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"<removed>", "user"=>{"email"=>"zaihan#clixster.net", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
ESC[1mESC[35mUser Load (1.0ms)ESC[0m SELECT `users`.* FROM `users` WHERE `users`.`email` = 'zaihan#clixster.net' LIMIT 1
Completed 401 Unauthorized in 14.0ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"<removed>", "user"=>{"email"=>"zaihan#clixster.net", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
Rendered devise/sessions/new.html.erb within layouts/application (38.0ms)
Rendered layouts/_navigation.html.erb (1.0ms)
Rendered layouts/_footer.html.erb (1.0ms)

I have found the solution. Make sure you do not have
attr_accessor :password
or your password field for devise in database would be empty.

Related

devise throw me out right after sign in on production but working great on development environment

I'm using rails 3.2 and Devise 3.4.1.
On development environment all is working great but on production I'm getting this:
Started POST "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:04:58 +0000
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"PGRrSKfVz8fZiv1a1qBJN2TzmFRAvUgEfYRpmdWiPWk=", "user"=>{"email"=>"email#email.com", "password"=>"[FILTERED]"}, "commit"=>"Log in"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'email#email.com' LIMIT 1
(0.2ms) BEGIN
(0.5ms) UPDATE `users` SET `last_sign_in_at` = '2015-01-18 15:04:53', `current_sign_in_at` = '2015-01-18 15:04:59', `sign_in_count` = 25, `updated_at` = '2015-01-18 15:04:59' WHERE `users`.`id` = 2
(1.2ms) COMMIT
Redirected to http://subdomain.domain.com/
Completed 302 Found in 100.0ms (ActiveRecord: 0.0ms)
Started GET "/" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Started GET "/authorized" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Processing by AuthorizedController#index as HTML
Completed 401 Unauthorized in 0.3ms
Started GET "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:05:00 +0000
Processing by SessionsController#new as HTML
Rendered devise/shared/_links.html.erb (0.1ms)
Rendered devise/sessions/new.html.erb (4.0ms)
Completed 200 OK in 5.3ms (Views: 4.5ms | ActiveRecord: 0.0ms)
as you can see the user is being authorised but signing out immediately after that.
help?
well, the CDN just blocked Devise's cookie so it's solved now
thank you all!

Debuging Devise in simple Rails app

I configure Devise gem for Rails and in code it seems look OK but when I'm trying to register new user I have the problem.
In register form Devise show notice:
Please review the problems below:
but that's all. Nothing specific message. Where I should looking for first? How to debug something like this?
Any suggestions?
Log from rails server:
Started POST "/auth/register" for 127.0.0.1 at 2014-09-14 17:09:13
+0200 Processing by Devise::RegistrationsController#create as HTML Parameters: {"utf8"=>"✓",
"authenticity_token"=>"iRsLU68tBckSzK1tupMoXZQlGw7xOuzMlfuiIVVs+rc=",
"user"=>{"email"=>"test#test.com", "password"=>"[FILTERED]",
"password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
(0.2ms) BEGIN User Exists (0.4ms) SELECT 1 AS one FROM "users"
WHERE "users"."email" = 'test#test.com' LIMIT 1 (0.2ms) ROLLBACK
Rendered devise/shared/_links.haml (0.5ms) Rendered
devise/registrations/new.html.haml within layouts/application (15.9ms)
Completed 200 OK in 121ms (Views: 24.2ms | ActiveRecord: 0.8ms)
And when I try log in:
Started POST "/auth/login" for 127.0.0.1 at 2014-09-14 17:10:23 +0200
Processing by Devise::SessionsController#create as HTML Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"iRsLU68tBckSzK1tupMoXZQlGw7xOuzMlfuiIVVs+rc=",
"user"=>{"email"=>"test#test.com", "password"=>"[FILTERED]",
"remember_me"=>"0"}, "commit"=>"Sign in"} User Load (0.7ms) SELECT
"users".* FROM "users" WHERE "users"."email" = 'test#test.com' ORDER
BY "users"."id" ASC LIMIT 1 Completed 401 Unauthorized in 2ms
Processing by Devise::SessionsController#new as HTML Parameters:
{"utf8"=>"✓",
"authenticity_token"=>"iRsLU68tBckSzK1tupMoXZQlGw7xOuzMlfuiIVVs+rc=",
"user"=>{"email"=>"test#test.com", "password"=>"[FILTERED]",
"remember_me"=>"0"}, "commit"=>"Sign in"} Rendered
devise/shared/_links.haml (0.4ms) Rendered
devise/sessions/new.html.haml within layouts/application (9.8ms)
Completed 200 OK in 106ms (Views: 15.4ms | ActiveRecord: 0.0ms)
I debug these things by inspecting the object.errors
In this case, try to
raise #user.errors.inspect
Somewhere after the save in the create method

devise error message when wrong username/password

My problem is that I do not see any error messages when Devise sign in failed. When this happens I got redirected to Devise::SessionsController#new which is not setting any errors
Started POST "/users/sign_in" for 127.0.0.1 at 2014-08-17 06:30:59 +0300
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"4ZgT4DtyyNYNGHRbwCVASolL3CQEqIeMtPlOOy7EBik=", "user"=>{"username"=>"setdddd", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Войти"}
Completed 401 Unauthorized in 3ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"4ZgT4DtyyNYNGHRbwCVASolL3CQEqIeMtPlOOy7EBik=", "user"=>{"username"=>"setdddd", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Войти"}
[]
Rendered devise/shared/_links.erb (0.1ms)
Rendered devise/sessions/new.html.erb within layouts/application (40.0ms)
Rendered application/_header.erb (0.5ms)
Rendered application/_footer.erb (0.0ms)
Completed 200 OK in 50ms (Views: 47.8ms | ActiveRecord: 0.0ms)
So the question is are there any switches in devise configuration that allow me to show error message to user, not just a redirect?
Are you outputting your flash messages where appropriate? It looks like devise sets flash[:notice] and flash[:alert] depending on the situation (i.e. failed login, etc). It's up to you to ensure that you output those values to your page. See the devise README for more details.

Devise with jquery-mobile, how handle error messages?

In app with (Gemfile ):
gem "devise", ">= 2.1.2"
gem 'rails', '3.2.8'
gem 'jquery_mobile_rails'
Before add jquery-mobile, all works fine, when enter invalidad data i got the page with a error message and log :
Started POST "/users/sign_in" for 127.0.0.1 at 2012-11-28 12:01:13 -0500
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"jLtHS2q0wO+tgswm9VM2/EiuTiq7J9Wwp8d65t/RSGE=", "user"=>{"email"=>"", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
Completed 401 Unauthorized in 0ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"jLtHS2q0wO+tgswm9VM2/EiuTiq7J9Wwp8d65t/RSGE=", "user"=>{"email"=>"", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
Rendered devise/shared/_links.html.erb (0.8ms)
Rendered devise/sessions/new.html.erb within layouts/application (3.2ms)
Rendered layouts/_navigation.html.erb (0.5ms)
Rendered layouts/_messages.html.erb (0.0ms)
Completed 200 OK in 29ms (Views: 28.9ms)
After add jquery-mobile, when login with correct data works fine, but with invalid data i get 401 and dont redirect noting . In the http response (view with firebug ) show only the message with the error like "invalid email" (not html code nor json) and jquery-mobile show "Error loading page".
Started POST "/users/sign_in" for 127.0.0.1 at 2012-11-27 21:32:45 -0500
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"EYx56pui4v6trcuzmXQuhzY2BDHwqrADepKuySx9ub0=", "user"=>{"email"=>"test#test.net", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
Completed 401 Unauthorized in 0ms
I have default devise controller and default views generated.
How handle errors message of devise with jquery mobile ?
Only not use ajax with jquery-mobile and devise for default.
In config/initializers/devise.rb
# If http headers should be returned for AJAX requests. True by default.
config.http_authenticatable_on_xhr = false
Another solution is to add
:html => {:data => {:ajax => 'false'}}
to the form in question so jQM doesn't hijack it and turn it into an ajax request.
Please see my full answer for the same question https://stackoverflow.com/a/14595607/64669

RoR Rails 3 Devise::SessionsController fails to authenticate existing user

I'm starting the app at http://localhost:3000/users/sign_in
accept user / password; posting
device fails to authenticate my user and jumps into #new
#new render sign_in again, so I am in a loop.
here is the log:
Started POST "/users/sign_in" for 127.0.0.1 at 2011-10-30 17:49:33 -0700
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"NhVu4CQwhatever+CAErP19YVIkz0lIz3qEERac=", "user"=>{"email"=>"abc#def.com", "password"=>"[FILTERED]", "remember_me"=>"1"}, "commit"=>"Sign in"}
Then it runs the SQL to fetch the user. copy/pate to postgresql, the 'select' fetch my user record. it definitely exists**
[1m[35mUser Load (5.0ms)[0m SELECT "users".* FROM "users" WHERE "users"."email" = 'abc#def.com' LIMIT 1
The next log entry: jumps to #new - as if the user do not exist
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"NhVu4CQwhatever+CAErP19YVIkz0lIz3qEERac=", "user"=>{"email"=>"abc#def.com", "password"=>"[FILTERED]", "remember_me"=>"1"}, "commit"=>"Sign in"}
Rendered devise/sessions/new.html.erb within layouts/application (4.0ms)

Resources