Devise is acting weird for the first time each day when a User tries to create a new User in our project. This is the server log from the exact moment the user clicks on the confirm link:
Started GET "/users/confirmation?confirmation_token=3F367iMzUm5y3ohbkykM" for 199.116.169.254 at 2014-07-22 15:34:29 +0000
Processing by Devise::ConfirmationsController#show as */*
Parameters: {"confirmation_token"=>"3F367iMzUm5y3ohbkykM"}
Redirected to http://qa.nearshoreconnect.com/users/sign_in
Completed 302 Found in 228ms (ActiveRecord: 2.2ms)
Started GET "/users/sign_in" for 199.116.169.254 at 2014-07-22 15:34:29 +0000
Processing by Devise::SessionsController#new as */*
Rendered layouts/_errors.html.erb (0.1ms)
Rendered devise/sessions/new.html.erb within layouts/application (6.1ms)
Rendered layouts/_shim.html.erb (0.4ms)
Rendered layouts/_search_box.html.erb (1.2ms)
Rendered layouts/_header_internet.html.erb (9.6ms)
Rendered layouts/_footer_internet.html.erb (1.4ms)
Completed 200 OK in 29ms (Views: 27.5ms | ActiveRecord: 0.0ms | Solr: 0.0ms)
Started GET "/users/confirmation?confirmation_token=3F367iMzUm5y3ohbkykM" for 201.234.55.21 at 2014-07-22 15:34:30 +0000
Processing by Devise::ConfirmationsController#show as HTML
Parameters: {"confirmation_token"=>"3F367iMzUm5y3ohbkykM"}
Rendered layouts/_errors.html.erb (0.7ms)
Rendered devise/confirmations/new.html.erb within layouts/application (3.9ms)
Rendered layouts/_shim.html.erb (0.4ms)
Rendered layouts/_search_box.html.erb (1.0ms)
Rendered layouts/_header_internet.html.erb (2.6ms)
Rendered layouts/_footer_internet.html.erb (1.3ms)
Completed 200 OK in 18ms (Views: 14.1ms | ActiveRecord: 0.3ms | Solr: 0.0ms)
Started GET "/assets/font.css" for 201.234.55.21 at 2014-07-22 15:34:30 +0000
Served asset /font.css - 304 Not Modified (0ms)
The validation token is checked twice. I'm overriding the confirm function in my User model. Is that the problem? The code:
def confirm!
super
send_welcome_mail
end
Related
When try to edit comment i am getting this error
422
Invalid form authenticity token.
log/production.log says
Rendered journals/_notes_form.html.erb (3.2ms)
Rendered journals/edit.js.erb (3.6ms)
Completed 200 OK in 29ms (Views: 4.2ms | ActiveRecord: 2.6ms)
Started POST "/journals/edit/178" for 39.32.17.135 at 2015-05-22 01:20:09 +0000
Processing by JournalsController#edit as HTML
Parameters: {"utf8"=>"✓", "notes"=>"mynotes", "commit"=>"Save", "id"=>"178"}
Can't verify CSRF token authenticity
Rendered common/error.html.erb within layouts/base (0.2ms)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 422 Unprocessable Entity in 9ms (Views: 6.7ms | ActiveRecord: 0.2ms)
I'm using rails 3.2 and Devise 3.4.1.
On development environment all is working great but on production I'm getting this:
Started POST "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:04:58 +0000
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"PGRrSKfVz8fZiv1a1qBJN2TzmFRAvUgEfYRpmdWiPWk=", "user"=>{"email"=>"email#email.com", "password"=>"[FILTERED]"}, "commit"=>"Log in"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'email#email.com' LIMIT 1
(0.2ms) BEGIN
(0.5ms) UPDATE `users` SET `last_sign_in_at` = '2015-01-18 15:04:53', `current_sign_in_at` = '2015-01-18 15:04:59', `sign_in_count` = 25, `updated_at` = '2015-01-18 15:04:59' WHERE `users`.`id` = 2
(1.2ms) COMMIT
Redirected to http://subdomain.domain.com/
Completed 302 Found in 100.0ms (ActiveRecord: 0.0ms)
Started GET "/" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Started GET "/authorized" for 111.111.111.11 at 2015-01-18 15:04:59 +0000
Processing by AuthorizedController#index as HTML
Completed 401 Unauthorized in 0.3ms
Started GET "/users/sign_in" for 111.111.111.11 at 2015-01-18 15:05:00 +0000
Processing by SessionsController#new as HTML
Rendered devise/shared/_links.html.erb (0.1ms)
Rendered devise/sessions/new.html.erb (4.0ms)
Completed 200 OK in 5.3ms (Views: 4.5ms | ActiveRecord: 0.0ms)
as you can see the user is being authorised but signing out immediately after that.
help?
well, the CDN just blocked Devise's cookie so it's solved now
thank you all!
I'm found an interesting problem in my app.
I'm using Rails 3 with ruby 2.0. I already have a production server where my app is running and another staging server. I'm configuring a new better one but I have a problem only with Safari.
Redirected to http://ip.server/
Completed 302 Found in 201.7ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-13 08:17:18 +0200
Processing by DashboardController#index as HTML
Completed 401 Unauthorized in 1.2ms
Started GET "/user/sign_in" for my.ip at 2014-10-13 08:17:18 +0200
Processing by Devise::SessionsController#new as HTML
Rendered application/_field_errors.html.erb (0.0ms)
Rendered application/_field_errors.html.erb (0.0ms)
Rendered devise/sessions/new.html.erb within layouts/devise (2.3ms)
Completed 200 OK in 5.5ms (Views: 3.8ms | ActiveRecord: 0.0ms)
When I check on the network tab, I can see this:
Fail to load resource: the server responded with a status of 401 (unauthorized)
At the beginning I thought my problem came from Devise but then I checked on Google and find that:
cross browser problem
I tried on Chrome and it works. I tried also without AdBlock or with the private navigation but it still not working with Safari.
Edit:
I did 2 requests, one coming from Chrome and the second one from Safari. The only difference is this line:
WARNING: Can't verify CSRF token authenticity
Edit 2:
I've commented the line protect_from_forgery on my ApplicationController.rb and finally this error (about CSRF) wasn't responsible for my problem.
Here my stacks when I try with Chrome and with Safari.
With Chrome:
Started POST "/user/sign_in" for my.ip at 2014-10-14 13:27:51 +0200
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"c86MNR4MCSbQWJiAjkGtgfgPMg5YirG1tqf/2vqdBWc=", "user"=>{"email"=>"test#example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}}
User Load (0.4ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'test#example.com' LIMIT 1
(0.1ms) BEGIN
WARNING: User#current is nil, are you including SentientController on your ApplicationController?
(0.3ms) UPDATE `users` SET `last_sign_in_at` = '2014-10-14 11:26:45', `current_sign_in_at` = '2014-10-14 11:27:51', `sign_in_count` = 52, `updated_at` = '2014-10-14 11:27:51' WHERE `users`.`type` IN ('User::Admin') AND `users`.`id` = 1
(26.1ms) COMMIT
Redirected to http://server.ip/
Completed 302 Found in 135.6ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-14 13:27:51 +0200
Processing by DashboardController#index as HTML
User Load (0.4ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 1 LIMIT 1
server.ip Rendered dashboard/index.html.erb within layouts/application (2.5ms)
Rendered application/_header.html.slim (57.6ms)
Rendered application/_sidebar.html.erb (48.1ms)
Rendered application/_page_header.html.slim (2.0ms)
Rendered application/_flash_messages.html.erb (0.5ms)
Rendered application/_footer.html.erb (0.8ms)
Completed 200 OK in 137.5ms (Views: 122.9ms | ActiveRecord: 5.1ms)
With Safari:
Started POST "/user/sign_in" for my.ip at 2014-10-14 13:27:58 +0200
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"TWKhSxus5q46H9sZdEvMnzD52r0zA5phw/Pv7K+NKuY=", "user"=>{"email"=>"test#example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}}
User Load (0.4ms) SELECT `users`.* FROM `users` WHERE `users`.`email` = 'test#example.com' LIMIT 1
(0.1ms) BEGIN
(0.3ms) UPDATE `users` SET `last_sign_in_at` = '2014-10-14 11:27:51', `current_sign_in_at` = '2014-10-14 11:27:58', `sign_in_count` = 53, `updated_at` = '2014-10-14 11:27:58' WHERE `users`.`type` IN ('User::Admin') AND `users`.`id` = 1
(24.8ms) COMMIT
Redirected to http://server.ip/
Completed 302 Found in 138.2ms (ActiveRecord: 0.0ms)
Started GET "/" for my.ip at 2014-10-14 13:27:58 +0200
Processing by DashboardController#index as HTML
Completed 401 Unauthorized in 1.2ms
Started GET "/user/sign_in" for my.ip at 2014-10-14 13:27:58 +0200
Processing by Devise::SessionsController#new as HTML
Rendered application/_field_errors.html.erb (0.0ms)
Rendered application/_field_errors.html.erb (0.0ms)
Rendered devise/sessions/new.html.erb within layouts/devise (2.2ms)
Completed 200 OK in 5.2ms (Views: 3.7ms | ActiveRecord: 0.0ms)
Problem solved. It was not at all coming from my app but from my DNS redirection. I put an simple web redirection for tests and I forgot to add DNS redirection.
Now everything is working perfectly.
I hope this will help someone else!
I'm a redmine user.When the banner is enabled the EVM plugin is not working.The log is below.Any one please suggest a solution for working the plugin without disabling the banner
Started GET "/redmine/admin/plugins" for 10.222.185.22 at 2014-03-10 06:42:05 +0000
Processing by AdminController#plugins as HTML
Current user: admin (id=1)
Rendered admin/plugins.html.erb within layouts/admin (10.8ms)
Rendered admin/_menu.html.erb (12.7ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (8.2ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (9.2ms)
Rendered layouts/base.html.erb (45.6ms)
Completed 200 OK in 93ms (Views: 80.7ms | ActiveRecord: 3.3ms)
Started GET "/redmine/settings/plugin/redmine_banner" for 10.222.185.22 at 2014-03-10 06:42:09 +0000
Processing by SettingsController#plugin as HTML
Parameters: {"id"=>"redmine_banner"}
Current user: admin (id=1)
Rendered plugins/redmine_banner/app/views/settings/_redmine_banner.html.erb (10.2ms)
Rendered plugins/scrum2b/app/views/settings/plugin.html.erb within layouts/admin (11.9ms)
Rendered admin/_menu.html.erb (5.9ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (2.2ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (2.7ms)
Rendered layouts/base.html.erb (18.9ms)
Completed 200 OK in 43ms (Views: 37.5ms | ActiveRecord: 1.6ms)
Started GET "/redmine/admin" for 10.222.185.22 at 2014-03-10 06:45:54 +0000
Processing by AdminController#index as HTML
Current user: admin (id=1)
Rendered admin/_menu.html.erb (13.4ms)
Rendered admin/index.html.erb within layouts/admin (14.8ms)
Rendered plugins/redmine_banner/app/views/banner/_project_body_bottom.html.erb (0.1ms)
Rendered plugins/redmine_banner/app/views/banner/_body_bottom.html.erb (7.7ms)
Rendered plugins/redmine_banner/app/views/banner/_after_top_menu.html.erb (8.6ms)
Rendered layouts/base.html.erb (41.8ms)
Completed 200 OK in 70ms (Views: 57.4ms | ActiveRecord: 3.6ms)
The problem I'm having seems to be that Devise's authenticate_#{role}! method is hijacking my registration attempt.
Started GET "/client/sign_up" for 127.0.0.1 at 2012-01-14 12:02:52 +0000
Processing by Client::RegistrationsController#new as HTML
Rendered /Users/robertwwhite/.rvm/gems/ruby-1.9.2-p290/gems/devise-1.5.3/app/views/devise/shared/_links.erb (1.4ms)
Rendered client/registrations/new.html.haml within layouts/application (97.6ms)
Rendered client/_navigation.html.haml (1.6ms)
Rendered shared/_flash_messages.html.haml (0.1ms)
Completed 200 OK in 126ms (Views: 116.4ms | ActiveRecord: 7.2ms)
Started POST "/client" for 127.0.0.1 at 2012-01-14 12:02:58 +0000
Processing by WishesController#index as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"vq3wgsQeb4eoxhb3sw2Q2kd4edIoOxIfrzJ/WzJUAn0=", "client"=>{"email"=>"bacon#example.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Sign up"}
Completed 401 Unauthorized in 13ms
Started GET "/client/sign_in" for 127.0.0.1 at 2012-01-14 12:02:58 +0000
Processing by Client::SessionsController#new as HTML
Rendered /Users/robertwwhite/.rvm/gems/ruby-1.9.2-p290/gems/devise-1.5.3/app/views/devise/shared/_links.erb (1.0ms)
Rendered client/sessions/new.html.haml within layouts/application (16.5ms)
Rendered client/_navigation.html.haml (1.5ms)
Rendered shared/_flash_messages.html.haml (0.3ms)
Completed 200 OK in 60ms (Views: 38.6ms | ActiveRecord: 6.4ms)
I've tried overriding the after_signup_path_for(resource_or_scope) but it seems to be getting ignored.
# app/controllers/application_controller.rb
def after_sign_up_path_for(resource_or_scope)
random_path
end
So as it stands users can't register to the site in the first place. Any ideas?
Have you checked to make sure non of your routes are overriding the default devise routes/methods?
Edited by HaaR for clarity of users with similar problem:
I had the following in my config/routes.rb above my devise_for methods.
match "client" => "wishes#index"
Which was overriding Devise's
devise_for :clients, :path => :client
By moving it below, it gives Devise priority, and still passes the get request to the appropriate controller and action without hijacking the POST requests.