Redirection in RubyOnRails - ruby-on-rails

I just got an SSL certificate for "example.com". After making some configurations in NGINX I could finally redirect "http://www.example.com" calls and "http://example.com" calls to "https://example.com". Everything works fine, but when I type "https://www.example.com" an SSL error is shown. Is there a way to redirect "https://www.example.com" calls to "https://example.com" using some Ruby code?

Handling the redirect at the Rack level and not inside of the Rails app is my preferred way to solve this requirement.
https://github.com/jtrupiano/rack-rewrite#scheme
The link takes you to the part of the README that addresses this question. I've used this gem in the past and it works really well.

Related

ActiveAdmin taking wrong http method for update and destroy actions

Rails version - 5.2
Active admin version - 2.9.0
I have installed and configured active admin in my rails API application. Everything is working fine, except for the update, delete action of any controller, and logout of the admin user.
Here is my applicaiton.rb file
I have added method override in application.rb file though it is taking the POST request method for any update or delete request. It is working fine in my local even though it is taking POST request but when I deployed the code on the staging environment. I have found this thing. On my staging environment, that route is not present hence it is giving 404 error.
Below is the screenshot of the Update admin user request.
Can someone please help me to fix this issue?
I have finally fixed the issue. I am assuming the issue might be with my staging web server configuration otherwise it was working fine in my local in both the environments local and staging.
Post the answer here so it might help people in future.
By default the browser only supports for GET and POST requests. If we want to use any other request methods then we need to pass that request method in the parameter _method. You can read more about it here.
That wasn't happening in my case though i have added config.middleware.use Rack::MethodOverride in application.rb.
For resolving the issue, I have added the use Rack::MethodOverride in my config.ru file. It means before running the rails application it will use this method. I have added this code and that's it everything is working fine now.

405 not allowed nginx, CORS? Nginx config? Or something else?

Working on an app built using Ember.js and Rails.
Authentication is being done with ember-simple-auth using Oauth2.
I am able to login to my app locally in my development environment, but as soon as I try to login on my production server (through Heroku) I start receiving a nginx 405 not allowed status code.
First thing I thought was maybe it is my request headers / CORS. I am using rack-cors gem on my rails side and configured it based directly off the readme example. Here is my application.rb
Researching, I found the same problem with the solution being to configure Nginx side of things, but I figured since that is being handled by heroku I wasn't really sure if that was where I need to make my changes.
Let me know if there are any other files/info that could help.
What is the best way to debug this problem?
Try using this first to rule out CORS:
https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi
Does the route work locally when you use Postman or a similar tool?
Are you requesting HTML or JSON?

Rails set protocol to always HTTP

I am running a Rails app inside of Vagrant. I am trying to run my app in QA mode to reflect my deployment environment. I am doing SSL termination at the load balancer in my QA environment, so I'd like to be able to run my Rails app only over http, no https anywhere.
I am using Devise for user authentication. I can load my app just fine, but when I log in, devise always wants to redirect onto https. I can't seem to get it to behave differently. I've pinged the devise maintainers for help but they didn't have any insight to share.
I've tried setting config.force_ssl = false but that doesn't seem to make a difference.
I am running the app under Unicorn, proxying to nginx. Any insight would be appreciated!
I think adding something like thi to application.rb this might prevent the issue:
[
config.action_controller.default_url_options,
config.action_mailer.default_url_options,
Rails.application.routes.default_url_options,
Devise::Engine.routes.default_url_options,
Devise::Engine.config.action_controller.default_url_options
].each do |config|
config[:protocol] = "http#{'s' if Rails.env.production}"
end
In addition, you can override a variety of Devise controller methods, by subclassing them. So if you identify the cuplrit method, you can either a) solve the root cause, or b) subclass the controller, to use a workaround instead.

can't log on to wp-admin when wordpress is hosted as a rails subdirectory

I have a rails app on heroku, and a wordpress-heroku install also on heroku. I'm using the rack-reverse-proxy gem to redirect my wordpress to the /blog directory on my rails app. I followed all the instructions here:
http://rywalker.com/setting-up-a-wordpress-blog-on-heroku-as-a-subdirectory-of-a-rails-app-also-hosted-on-heroku
When I access my wordpress blog on its normal address, everything works fine. However, when I have it set up under a subdirectory of my rails app, I can't log in. I go to wp-login.php I enter my credentials, get forwarded to /blog/wp-admin.php, and then immediately I am redirected back to /blog/wp-login.php?redirect_to=http%3A%2F%2Flocalhost%3A3000%2Fwp-admin%2F&reauth=1. The only cookie that gets set is the wordpress_test_cookie, but none of the other wordpress cookies make any appearance in my browser.
I have tried many things to fix this including using rack-reverse-proxy to forward all rails traffic to wordpress, so I don't have to use a /blog subdirectory in case that was causing the problem. But the exact same behavior results. I've also determined that the :preserve_host setting in the Rack::ReverseProxy config doesn't seem to make any difference whether it's true or false.
Ideas?
A) What do you have in your wp-config.php? Should be something like this:
define('WP_SITEURL', 'http://www.DOMAIN.com/blog');
define('WP_HOME', 'http://www.DOMAIN.com/blog');
B) In the Rack::ReverseProxy settings, are you pointing to the blog (wordpress) herokuapp.com URL, not the main site (rails) URL, right? I realize my post isn't clear on that point.
I finally tracked this down to a bug in rack-reverse-proxy. The set-cookie header was being sent in an improper format, so only the first cookie was being interpreted correctly by the browser. That happened to be the wordpress test cookie. All the other (useful) ones were being thrown away, so of course I could not log in.
I plan to submit a bug and branch to rack-reverse-proxy but in the meantime I fixed it with this patch in my config.ru:
class MyReverseProxy < Rack::ReverseProxy
private
def create_response_headers(http_response)
response_headers = super(http_response)
if response_headers
if response_headers["Set-Cookie"].is_a?(Array)
response_headers["Set-Cookie"] = response_headers["Set-Cookie"].join("\n")
end
end
response_headers
end
end
# this is to make /blog show my wordpress blog
use MyReverseProxy do
reverse_proxy_options :preserve_host => false
reverse_proxy(/^\/blog(\/.*)$/, 'http://your-blog-server.com$1')
end

devise/omniauth issue using pow - working on rails server

I'm using pow to host my rails app locally.
I've added devise and am trying to get omniauth to work following these steps.
when I visit http://my_site.dev/users/auth/twitter I get the following error -
URI::InvalidURIError
the scheme http does not accept registry part: my_site.dev (or bad hostname?)
Using the internal rails server works fine, visiting http://0.0.0.0:3000/users/auth/twitter works as expected.
Any idea what I'm doing wrong? Do I need to change something within pow?
Hostnames are not allowed to include underscores. Try this:
$ mv ~/.pow/my_site ~/.pow/my-site
The site will now be available under http://my-site.dev/.
You will need to edit your etc/hosts and set host there next go to twitter configuration page and set this url there. Probably it is set to localhost or something like this so he is not eager to trust it :).

Resources