I have a rails app using Devise with confirmable emails. The emails are sending fine, and the confirmation link is working perfectly in development. But in production on Heroku, it doesn't work at all.
Again, the emails send fine on production, the token is generated, but when clicked, the page just redirects to the 'resend confirmation instructions' page. Is there something missing for production to make this work? Any suggestions or help?
Here are my logs from development:
Started GET "/users/confirmation?confirmation_token=SusKNC1PyZ4ayJxL9asR" for 127.0.0.1 at 2014-07-13 21:32:02 -0400
Processing by Devise::ConfirmationsController#show as HTML
Parameters: {"confirmation_token"=>"SusKNC1PyZ4ayJxL9asR"}
User Load (0.9ms) SELECT "users".* FROM "users" WHERE "users"."confirmation_token" = '28535b0ce6b4cb809463749ccad8ae0c8e92f6e7ce6ea2b9262dc6be87eb1fff' ORDER BY "users"."id" ASC LIMIT 1
(0.1ms) BEGIN
SQL (0.9ms) UPDATE "users" SET "confirmation_token" = $1, "confirmed_at" = $2, "updated_at" = $3 WHERE "users"."id" = 3 [["confirmation_token", nil], ["confirmed_at", "2014-07-14 01:32:02.960080"], ["updated_at", "2014-07-14 01:32:02.960674"]]
(0.5ms) COMMIT
Redirected to http://localhost:3000/users/sign_in
and here are my logs from Heroku:
2014-07-14T01:36:05.606623+00:00 heroku[router]: at=info method=GET path="/users/confirmation" host=www.———.— request_id=76de591e-0948-4b89-93b1-eeb9431b2b9c fwd="72.229.255.68" dyno=web.1 connect=2 service=18 status=304 bytes=1218
2014-07-14T01:36:05.585691+00:00 app[web.1]: Started GET "/users/confirmation" for 72.229.255.68 at 2014-07-14 01:36:05 +0000
2014-07-14T01:36:05.594512+00:00 app[web.1]: Rendered devise/shared/_links.html.haml (0.5ms)
2014-07-14T01:36:05.594570+00:00 app[web.1]: Rendered devise/confirmations/new.html.haml within layouts/application (3.1ms)
2014-07-14T01:36:05.596841+00:00 app[web.1]: Rendered layouts/_header.html.haml (1.1ms)
2014-07-14T01:36:05.588617+00:00 app[web.1]: Processing by Devise::ConfirmationsController#show as HTML
2014-07-14T01:36:05.597479+00:00 app[web.1]: Completed 200 OK in 9ms (Views: 6.3ms | ActiveRecord: 0.0ms)
I had the same kind of error: "Confirmation cannot be blank" on production, even though it works on my local machine. For me the problem was that the free account of WWWhisper does not permit unauthorized access and treats the email confirmation link as unauthorized.
I'm so dumb, just fixed this after I submitted. The problem was with my URL. I entered the root domain in my production.rb file for the SMTP settings, but I actually have a www URL that the root domain redirects to. Ugh.
I'm currently trying to find a way to change my redirection URL upon unlocking an account. Currently, when an account is locked the user gets an email to unlock the account, but then the user gets redirected to a default URL. Since my Rails project is an API, it would be nice to redirect to my front-end.
Started GET "/api/auth/unlock?unlock_token=YvR4nNssxhB9h8hvDAse" for 127.0.0.1 at 2017-12-04 15:28:08 -0500
Processing by Devise::UnlocksController#show as JSON
Parameters: {"unlock_token"=>"YvR4nNssxhB9h8hvDAse"}
User Load (0.8ms) SELECT "users".* FROM "users" WHERE "users"."unlock_token" = $1 ORDER BY "users"."id" ASC LIMIT $2 [["unlock_token", "6f3c4d7aa5254e143f89cd7f187e22ce56b11e6abe1f5eb252e34d86ac101908"], ["LIMIT", 1]]
(0.1ms) BEGIN
SQL (0.7ms) UPDATE "users" SET "locked_at" = $1, "failed_attempts" = $2, "unlock_token" = $3, "updated_at" = $4 WHERE "users"."id" = $5 [["locked_at", nil], ["failed_attempts", 0], ["unlock_token", nil], ["updated_at", "2017-12-04 20:28:08.783744"], ["id", 1]]
(3.4ms) COMMIT
Redirected to http://localhost:3000/api/auth/sign_in
Completed 302 Found in 17ms (ActiveRecord: 5.0ms)
Started GET "/api/auth/sign_in" for 127.0.0.1 at 2017-12-04 15:28:08 -0500
Processing by DeviseTokenAuth::SessionsController#new as JSON
[active_model_serializers] Rendered ActiveModel::Serializer::Null with Hash (0.14ms)
Completed 405 Method Not Allowed in 2ms (Views: 0.9ms | ActiveRecord: 0.0ms)
Started GET "/api/auth/sign_in" for 127.0.0.1 at 2017-12-04 15:31:26 -0500
Processing by DeviseTokenAuth::SessionsController#new as JSON
[active_model_serializers] Rendered ActiveModel::Serializer::Null with Hash (0.11ms)
Completed 405 Method Not Allowed in 1ms (Views: 0.7ms | ActiveRecord: 0.0ms)
To do any customization with Devise, one must override the default controllers by creating a new controller and inheriting from it; in your case that would be Devise::UnlocksController.
For example:
class CustomUnlocksController < Devise::UnlocksController
end
https://github.com/plataformatec/devise/blob/master/app/controllers/devise/unlocks_controller.rb
Override after_unlock_path_for to return the path you want to redirect to afterwards.
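Both the unlock log above and the confirmation log in the first question show a 20-character token in the link but a 64-hex-character value in the SQL lookup: Devise stores only an HMAC digest of the token, so a copy of the users table does not yield usable links. The stand-alone Ruby below reproduces that derivation (an added example, not Devise's or Rails' code; SECRET_KEY_BASE and the in-memory users table are constructed, and the key derivation follows the Rails 4/5 ActiveSupport::KeyGenerator defaults):

```ruby
require "openssl"
require "securerandom"

# Constructed stand-in for Rails.application.secrets.secret_key_base.
SECRET_KEY_BASE = "constructed-secret-key-base-for-this-example-only".freeze
KEY_CACHE = {}

# ActiveSupport::KeyGenerator (Rails 4/5 defaults): PBKDF2-HMAC-SHA1, 2**16 iterations,
# 64-byte keys. Devise wraps it in a CachingKeyGenerator, hence the memo.
def derive_key(salt, key_size = 64)
  KEY_CACHE[[salt, key_size]] ||= OpenSSL::KDF.pbkdf2_hmac(
    SECRET_KEY_BASE, salt: salt, iterations: 2**16, length: key_size, hash: "sha1"
  )
end

# Devise.friendly_token: 20 URL-safe characters with look-alike glyphs (l, I, O, 0) swapped.
def friendly_token(length = 20)
  SecureRandom.urlsafe_base64((length * 3) / 4).tr("lIO0", "sxyz")
end

# Devise::TokenGenerator#digest: HMAC-SHA256 of the raw token, keyed per column name,
# so a confirmation_token digest can never be replayed as an unlock_token.
def token_digest(column, raw)
  OpenSSL::HMAC.hexdigest("SHA256", derive_key("Devise #{column}"), raw.to_s)
end

# Devise::TokenGenerator#generate: [raw, digest]. The raw value goes into the e-mail
# link; only the digest is written to the database column.
def generate_token(column)
  raw = friendly_token
  [raw, token_digest(column, raw)]
end

# Constructed in-memory stand-in for the users table: one unconfirmed user, id 3.
def build_user_table(column)
  raw, digest = generate_token(column)
  [raw, [{ id: 3, column => digest, confirmed_at: nil }]]
end

# What Devise::ConfirmationsController#show (and UnlocksController#show) does: digest the
# token from the URL, look that digest up, then clear it so the link cannot be used twice.
# This is the SELECT ... WHERE "confirmation_token" = '<64 hex>' seen in the log.
def redeem_token(table, column, raw_from_url)
  digest = token_digest(column, raw_from_url)
  user = table.find { |row| row[column] == digest }
  return nil unless user
  user[column] = nil
  user[:confirmed_at] = Time.now.utc
  user
end

if __FILE__ == $0
  raw, users = build_user_table(:confirmation_token)
  puts "link token: #{raw} (#{raw.length} chars)"
  puts "db column : #{users.first[:confirmation_token]}"
  puts "first use : #{redeem_token(users, :confirmation_token, raw) ? 'confirmed' : 'rejected'}"
  puts "replay    : #{redeem_token(users, :confirmation_token, raw) ? 'confirmed' : 'rejected'}"
end
```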
I have a Rails 5 application in Heroku that does a login/logout using a sessions controller based on logic in Michael Hartl's Ruby on Rails Tutorial. I have done similar logic for several years, starting with Rails 3. My application worked in localhost, in production using Passenger on my server, and on Heroku. The same code is being executed. A couple of days ago I started getting the following errors when I try to log into the production version of my application on my server. However, I'm still able to log into my application in localhost/development and on Heroku.
I, [2017-04-22T20:15:50.242323 #65501] INFO -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] Started POST "/sessions" for 127.0.0.1 at 2017-04-22 20:15:50 -0500
I, [2017-04-22T20:15:50.243524 #65501] INFO -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] Processing by SessionsController#create as HTML
I, [2017-04-22T20:15:50.243945 #65501] INFO -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] Parameters: {"utf8"=>"✓", "authenticity_token"=>"RsEqEfiDw82E2YI17SVkkUcxhiqtUw75nC1i9GJmIYZlwjg6o0mXiHehCHP627iTOjyQoPA+mrmi+Bh99BxICQ==", "session"=>{"email_user"=>"pamela", "password"=>"[FILTERED]"}, "commit"=>"Login"}
W, [2017-04-22T20:15:50.245161 #65501] WARN -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] Can't verify CSRF token authenticity.
I, [2017-04-22T20:15:50.246050 #65501] INFO -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] Completed 422 Unprocessable Entity in 2ms (ActiveRecord: 0.0ms)
F, [2017-04-22T20:15:50.248110 #65501] FATAL -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c]
F, [2017-04-22T20:15:50.248546 #65501] FATAL -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
F, [2017-04-22T20:15:50.248894 #65501] FATAL -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c]
F, [2017-04-22T20:15:50.249263 #65501] FATAL -- : [40a379f9-27c2-4923-a9ce-f310f96dbc4c] actionpack (5.0.2) lib/action_controller/metal/request_forgery_protection.rb:195:in `handle_unverified_request'
[40a379f9-27c2-4923-a9ce-f310f96dbc4c] actionpack (5.0.2) lib/action_controller/metal/request_forgery_protection.rb:223:in `handle_unverified_request'
[40a379f9-27c2-4923-a9ce-f310f96dbc4c] actionpack (5.0.2) lib/action_controller/metal/request_forgery_protection.rb:218:in `verify_authenticity_token'
# application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  include SessionsHelper
end
Log from localhost on the same machine where I'm able to successfully log in:
Started POST "/sessions" for ::1 at 2017-04-22 22:26:23 -0500
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"zhkoMofyRdPcwQ7v2GOYltlRv2PJM8duzbuxJsa5dAy0je/yj1CRedQM/H1Zku2ukQbbG7YF6OZd4ootV0qolA==", "session"=>{"email_user"=>"myuserid", "password"=>"[FILTERED]"}, "remember_me"=>"1", "commit"=>"Login"}
User Load (74.2ms) SELECT "users".* FROM "users" WHERE "users"."email" = $1 LIMIT $2 [["email", "myuserid"], ["LIMIT", 1]]
User Load (0.8ms) SELECT "users".* FROM "users" WHERE "users"."username" = $1 LIMIT $2 [["username", "myuserid"], ["LIMIT", 1]]
(0.2ms) BEGIN
SQL (22.6ms) UPDATE "users" SET "remember_token" = $1, "updated_at" = $2 WHERE "users"."id" = $3 [["remember_token", "75f5152d815e24e6ce7709cc93f34265ad9161be"], ["updated_at", 2017-04-23 03:26:23 UTC], ["id", 3]]
(26.4ms) COMMIT
Redirected to http://localhost:3000/
Completed 302 Found in 229ms (ActiveRecord: 124.5ms)
Started GET "/" for ::1 at 2017-04-22 22:26:23 -0500
Processing by PagesController#home as HTML
User Load (7.4ms) SELECT "users".* FROM "users" WHERE "users"."remember_token" = $1 LIMIT $2 [["remember_token", "75f5152d815e24e6ce7709cc93f34265ad9161be"], ["LIMIT", 1]]
Rendering pages/home.html.erb within layouts/application
Rendered pages/home.html.erb within layouts/application (1.1ms)
Rendered layouts/_meta_data.erb (2.3ms)
Rendered layouts/_shim.html.erb (0.4ms)
Rendered layouts/_header.html.erb (1.1ms)
Rendered layouts/_systemmessage.html.erb (0.5ms)
Rendered layouts/_footer.html.erb (1.0ms)
Completed 200 OK in 270ms (Views: 236.8ms | ActiveRecord: 7.4ms)
I have searched for solutions, and just about all of them say to shut this off, which I don't want to do, especially considering that this is a database maintenance application. The only difference I can see between the three executions of the code is the value for remember_token in my table, since each version is using a different database. I tried setting the remember_token field in the database to null, but I still get the error. I have changed nothing related to the login/logout process, so I'm really puzzled. I will clone what I have in Heroku and try again.
This is the first time I have seen this error in almost six years of Rails software development. I realize that I could very well have an attack but I don't know how to debug this error. The same code works in Heroku and localhost.
UPDATE: I looked at the page source of the production application on my server. This is what the header looked like before I attempted to log in and got the error. With my localhost version and the Heroku version, two statements like those below appear after login.
<meta name="csrf-param" content="authenticity_token" />
<meta name="csrf-token" content="JoPFlDzY0SYSpOSq0dXgafSICgZ9qXJz/x4tX31owZPh3cu7fNR553iGPn5c+RnZVOuxiEolnoOin0Rkoay4Ag==" />
UPDATE: Attempt at overriding the class InvalidAuthenticityToken raised on line 195 in rails/actionpack/lib/action_controller/metal/request_forgery_protection.rb. Currently this class has no statements. This is a huge guess at this point, since I don't see any instructions for this or whether this is even possible.
require 'action_controller/metal/request_forgery_protection'

class XxxLogger < ActionPack::ActionController::RequestForgeryProtection
  source_root File.join(File.dirname(ActionPack::ActionController::RequestForgeryProtection.instance_method(:handle_unverified_request).source_location.first), "templates")

  class InvalidAuthenticityToken < ActionControllerError #:nodoc:
    logger.warn "Can't verify CSRF token authenticity."
  end
end
There are two tokens that need to be verified: the form token and the CSRF token. If either of them fails, an InvalidAuthenticityToken exception is thrown.
In the production deploy directory, run bundle show rails to find the exact Rails directory, then add logging to the related Rails code to find the detailed reason.
Add the log line this way: logger.warn "Can't verify CSRF token authenticity." That is how Rails writes its log output.
In the actionpack/lib/action_controller/metal/request_forgery_protection.rb file, find out why any_authenticity_token_valid? fails first.
Also check this issue: https://github.com/rails/rails/issues/24257#issuecomment-212203983 (change to users_path, not users_url).
And take care of this:
For Rails 5, note that protect_from_forgery is no longer prepended to the before_action chain, so if you have set authenticate_user before protect_from_forgery, your request will result in "Can't verify CSRF token authenticity." To resolve this, either change the order in which you call them, or use protect_from_forgery prepend: true.
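The two candidates any_authenticity_token_valid? tries are the authenticity_token form field and the X-CSRF-Token header; each carries a masked copy of either the session token or the Rails 5 per-form token. The stand-alone Ruby below mirrors the masking and comparison in request_forgery_protection.rb (an added example, not Rails' code; the session hashes, paths and headers are constructed, and legacy 32-byte unmasked tokens are omitted) and reproduces the symptom in the question: a token minted for one session is rejected when the POST arrives with a different or empty session.

```ruby
require "base64"
require "openssl"
require "securerandom"

# ActionController::RequestForgeryProtection::AUTHENTICITY_TOKEN_LENGTH
TOKEN_LENGTH = 32

# The real token lives in the session (cookie store) and is created lazily on first render.
def real_csrf_token(session)
  session[:_csrf_token] ||= SecureRandom.base64(TOKEN_LENGTH)
  Base64.strict_decode64(session[:_csrf_token])
end

# Rails 5 per-form token: HMAC-SHA256 of "<action path>#<method>" keyed with the session
# token, so a token minted for POST /sessions is useless against any other form.
def per_form_csrf_token(session, action_path, method)
  OpenSSL::HMAC.digest("SHA256", real_csrf_token(session), [action_path, method.downcase].join("#"))
end

def xor_byte_strings(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack("C*")
end

# What form_authenticity_token and the csrf-token <meta> tag emit: the raw token XORed with
# a fresh one-time pad and prefixed by that pad, so the value differs on every render.
def masked_authenticity_token(session, action_path: nil, method: nil)
  raw = action_path && method ? per_form_csrf_token(session, action_path, method) : real_csrf_token(session)
  pad = SecureRandom.random_bytes(TOKEN_LENGTH)
  Base64.strict_encode64(pad + xor_byte_strings(pad, raw))
end

# Constant-time comparison, as ActiveSupport::SecurityUtils.secure_compare does.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# valid_authenticity_token?: decode, split off the pad, unmask, then accept either the
# session token or the per-form token for this exact path and method.
def valid_authenticity_token?(session, encoded, action_path:, method:)
  return false unless encoded.is_a?(String) && !encoded.empty?
  masked = begin
    Base64.strict_decode64(encoded)
  rescue ArgumentError
    return false
  end
  return false unless masked.bytesize == TOKEN_LENGTH * 2
  token = xor_byte_strings(masked[0, TOKEN_LENGTH], masked[TOKEN_LENGTH, TOKEN_LENGTH])
  secure_compare(token, real_csrf_token(session)) ||
    secure_compare(token, per_form_csrf_token(session, action_path, method))
end

# any_authenticity_token_valid?: the form field and the X-CSRF-Token header are the
# candidates Rails tries; one of them must verify against the *current* session.
def any_authenticity_token_valid?(session, params, headers, action_path:, method:)
  [params["authenticity_token"], headers["X-CSRF-Token"]].compact.any? do |candidate|
    valid_authenticity_token?(session, candidate, action_path: action_path, method: method)
  end
end

if __FILE__ == $0
  session = {}                                 # constructed: the session that rendered the form
  post = { "authenticity_token" => masked_authenticity_token(session) }
  puts "same session : #{any_authenticity_token_valid?(session, post, {}, action_path: '/sessions', method: 'POST')}"
  # The question's symptom: the POST arrives with a session that never saw the render
  # (cookie not stored or not sent back), so _csrf_token is regenerated and nothing matches.
  puts "fresh session: #{any_authenticity_token_valid?({}, post, {}, action_path: '/sessions', method: 'POST')}"
end
```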
Hello, so I have an app that works great locally, but as soon as I pushed it to Heroku I'm having issues.
HEROKU LINK: https://sleepy-garden-73993.herokuapp.com
GITHUB REPO: https://github.com/kbachand/ginger_ails
ERROR IN CONSOLE WHEN INSPECTING THE PAGE:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
HOW TO DUPLICATE ISSUE:
-Click "check your address", ENTER address: 202 tryon st; ZIP code: 28207 (this is in our service area)
-Click "select your ailment" and select one (any will work)
-Click "purchase remedy kit", and it will prompt you to log in or sign up. You can sign up if you'd like, but my login is keithbtest@gmail.com and password: surfsup714
-Once you login click "purchase remedy kit" and it SHOULD render a view that shows you all the items in the cart and allows you to empty or purchase via stripe. But instead you get the error.
HEROKU LOG:
2016-11-02T18:15:02.693028+00:00 app[web.1]: Cart Load (1.4ms) SELECT "carts".* FROM "carts" WHERE "carts"."id" = $1 LIMIT 1 [["id", 1]]
2016-11-02T18:15:02.696486+00:00 app[web.1]: ActiveRecord::StatementInvalid (PG::DatatypeMismatch: ERROR: argument of WHERE must be type boolean, not type integer
2016-11-02T18:15:02.695276+00:00 app[web.1]: User Load (1.8ms) SELECT "users".* FROM "users" WHERE (1) LIMIT 1
2016-11-02T18:15:02.695572+00:00 app[web.1]: Completed 500 Internal Server Error in 7ms (ActiveRecord: 4.6ms)
2016-11-02T18:15:02.696484+00:00 app[web.1]:
2016-11-02T18:15:02.696487+00:00 app[web.1]: ^
2016-11-02T18:15:02.696486+00:00 app[web.1]: LINE 1: SELECT "users".* FROM "users" WHERE (1) LIMIT 1
2016-11-02T18:15:02.696488+00:00 app[web.1]: : SELECT "users".* FROM "users" WHERE (1) LIMIT 1):
2016-11-02T18:15:02.696488+00:00 app[web.1]: app/controllers/carts_controller.rb:35:in `show'
2016-11-02T18:15:02.696489+00:00 app[web.1]:
2016-11-02T18:15:02.696489+00:00 app[web.1]:
2016-11-02T18:18:42.858131+00:00 heroku[router]: at=info method=GET path="/" host=sleepy-garden-73993.herokuapp.com request_id=5c66a6cc-7de8-43b6-92c3-51b63a3d3ab7 fwd="104.139.26.81" dyno=web.1 connect=1ms service=18ms status=200 bytes=6966
The important bits on the log are:
"ActiveRecord::StatementInvalid (PG::DatatypeMismatch: ERROR: argument of WHERE must be type boolean, not type integer "
Below that, it says the error is on app/controllers/carts_controller.rb:35:
https://github.com/kbachand/ginger_ails/blob/master/app/controllers/carts_controller.rb#L35
On that line you have:
#user = User.find_by(id: params[:id])
So it looks like params[:id] is an integer, but the id column is a boolean.
When looking at your schema.rb to check your column types, I realized you have the devise gem installed, so you should use devise's helpers to authenticate the user instead of doing it manually:
https://github.com/plataformatec/devise#controller-filters-and-helpers
Let me know if that helps!
I've been racking my brain for ~ 8 hours now. I'm setting up a devise client to work with a custom provider built on doorkeeper.
Everything is working fine except the authorization of the Devise client. For some reason, any time I click user_omniauth_authorize_path(:doorkeeper), the omniauth request phase is initiated twice. I can't work out what could be causing this.
Here is a log of the sequence of events from both the client and provider.
CLIENT LOGS
jonathan@Jonathan doorkeeper-client (master) $ rails s -p 3001
=> Booting WEBrick
=> Rails 4.2.4 application starting in development on http://localhost:3001
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
[2015-10-24 23:37:27] INFO WEBrick 1.3.1
[2015-10-24 23:37:27] INFO ruby 2.2.2 (2015-04-13) [x86_64-darwin15]
[2015-10-24 23:37:27] INFO WEBrick::HTTPServer#start: pid=59452 port=3001
Started GET "/" for ::1 at 2015-10-24 23:37:33 -0500
ActiveRecord::SchemaMigration Load (0.4ms) SELECT "schema_migrations".* FROM "schema_migrations"
Processing by ApplicationController#index as HTML
Rendered application/index.html.erb within layouts/application (1.9ms)
Completed 200 OK in 157ms (Views: 143.7ms | ActiveRecord: 0.0ms)
Started GET "/users/auth/doorkeeper" for ::1 at 2015-10-24 23:37:40 -0500
I, [2015-10-24T23:37:40.521903 #59452] INFO -- omniauth: (doorkeeper) Request phase initiated.
Started GET "/users/auth/doorkeeper" for ::1 at 2015-10-24 23:37:40 -0500
I, [2015-10-24T23:37:40.615061 #59452] INFO -- omniauth: (doorkeeper) Request phase initiated.
Started GET "/users/auth/doorkeeper/callback?code=e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee&state=d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9" for ::1 at 2015-10-24 23:38:37 -0500
I, [2015-10-24T23:38:37.618820 #59452] INFO -- omniauth: (doorkeeper) Callback phase initiated.
E, [2015-10-24T23:38:37.640490 #59452] ERROR -- omniauth: (doorkeeper) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee", "state"=>"d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9"}
Redirected to http://localhost:3001/
Completed 302 Found in 332ms (ActiveRecord: 0.0ms)
Started GET "/" for ::1 at 2015-10-24 23:38:37 -0500
Processing by ApplicationController#index as HTML
Rendered application/index.html.erb within layouts/application (0.3ms)
Completed 200 OK in 21ms (Views: 20.3ms | ActiveRecord: 0.0ms)
PROVIDER LOGS
jonathan@Jonathan doorkeeper-provider (master) $ rails s
=> Booting WEBrick
=> Rails 4.2.4 application starting in development on http://localhost:3000
=> Run `rails server -h` for more startup options
=> Ctrl-C to shutdown server
[2015-10-24 23:37:24] INFO WEBrick 1.3.1
[2015-10-24 23:37:24] INFO ruby 2.2.3 (2015-08-18) [x86_64-darwin15]
[2015-10-24 23:37:24] INFO WEBrick::HTTPServer#start: pid=59448 port=3000
Started GET "/oauth/authorize?client_id=867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed&redirect_uri=http%3A%2F%2Flocalhost%3A3001%2Fusers%2Fauth%2Fdoorkeeper%2Fcallback&response_type=code&scope=user&state=61dbe5751135b43d5465f979e4dd1bcbbe9dc6935c65e595" for ::1 at 2015-10-24 23:37:40 -0500
ActiveRecord::SchemaMigration Load (0.5ms) SELECT "schema_migrations".* FROM "schema_migrations"
Processing by Doorkeeper::AuthorizationsController#new as HTML
Parameters: {"client_id"=>"867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed", "redirect_uri"=>"http://localhost:3001/users/auth/doorkeeper/callback", "response_type"=>"code", "scope"=>"user", "state"=>"61dbe5751135b43d5465f979e4dd1bcbbe9dc6935c65e595"}
Redirected to http://localhost:3000/users/sign_in
Filter chain halted as :authenticate_resource_owner! rendered or redirected
Completed 302 Found in 11ms (ActiveRecord: 0.0ms)
Started GET "/oauth/authorize?client_id=867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed&redirect_uri=http%3A%2F%2Flocalhost%3A3001%2Fusers%2Fauth%2Fdoorkeeper%2Fcallback&response_type=code&scope=user&state=d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9" for ::1 at 2015-10-24 23:37:40 -0500
Processing by Doorkeeper::AuthorizationsController#new as HTML
Parameters: {"client_id"=>"867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed", "redirect_uri"=>"http://localhost:3001/users/auth/doorkeeper/callback", "response_type"=>"code", "scope"=>"user", "state"=>"d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9"}
User Load (0.9ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT 1 [["id", 1]]
Doorkeeper::Application Load (0.9ms) SELECT "oauth_applications".* FROM "oauth_applications" WHERE "oauth_applications"."uid" = $1 LIMIT 1 [["uid", "867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed"]]
Doorkeeper::AccessToken Load (0.7ms) SELECT "oauth_access_tokens".* FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."application_id" = $1 AND "oauth_access_tokens"."resource_owner_id" = $2 AND "oauth_access_tokens"."revoked_at" IS NULL ORDER BY created_at desc LIMIT 1 [["application_id", 1], ["resource_owner_id", 1]]
Rendered /Users/jonathan/.rvm/gems/ruby-2.2.3/gems/doorkeeper-3.0.1/app/views/doorkeeper/authorizations/new.html.erb within layouts/doorkeeper/application (10.2ms)
Completed 200 OK in 168ms (Views: 129.9ms | ActiveRecord: 10.5ms)
Started POST "/oauth/authorize" for ::1 at 2015-10-24 23:38:37 -0500
Processing by Doorkeeper::AuthorizationsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "client_id"=>"867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed", "redirect_uri"=>"http://localhost:3001/users/auth/doorkeeper/callback", "state"=>"d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9", "response_type"=>"code", "scope"=>"user", "commit"=>"Authorize"}
User Load (0.4ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT 1 [["id", 1]]
Doorkeeper::Application Load (0.3ms) SELECT "oauth_applications".* FROM "oauth_applications" WHERE "oauth_applications"."uid" = $1 LIMIT 1 [["uid", "867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed"]]
(0.2ms) BEGIN
Doorkeeper::AccessGrant Exists (0.7ms) SELECT 1 AS one FROM "oauth_access_grants" WHERE "oauth_access_grants"."token" = 'e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee' LIMIT 1
SQL (0.5ms) INSERT INTO "oauth_access_grants" ("application_id", "resource_owner_id", "expires_in", "redirect_uri", "scopes", "token", "created_at") VALUES ($1, $2, $3, $4, $5, $6, $7) RETURNING "id" [["application_id", 1], ["resource_owner_id", 1], ["expires_in", 1200], ["redirect_uri", "http://localhost:3001/users/auth/doorkeeper/callback"], ["scopes", "user"], ["token", "e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee"], ["created_at", "2015-10-25 04:38:37.602105"]]
(0.4ms) COMMIT
Redirected to http://localhost:3001/users/auth/doorkeeper/callback?code=e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee&state=d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9
Completed 302 Found in 24ms (ActiveRecord: 4.2ms)
Started POST "/oauth/token" for ::1 at 2015-10-24 23:38:37 -0500
Processing by Doorkeeper::TokensController#create as */*
Parameters: {"client_id"=>"867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed", "client_secret"=>"[FILTERED]", "code"=>"[FILTERED]", "grant_type"=>"authorization_code", "redirect_uri"=>"http://localhost:3001/users/auth/doorkeeper/callback?code=e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee&state=d5166e94b40231ac06d65ae52f5a9b97a6aee828505f02b9"}
Doorkeeper::AccessGrant Load (0.4ms) SELECT "oauth_access_grants".* FROM "oauth_access_grants" WHERE "oauth_access_grants"."token" = $1 LIMIT 1 [["token", "e1aa1b123ecadb91088527dfa3529181a99fa1f607a88738badd51b24aa2e8ee"]]
Doorkeeper::Application Load (0.3ms) SELECT "oauth_applications".* FROM "oauth_applications" WHERE "oauth_applications"."uid" = $1 AND "oauth_applications"."secret" = $2 LIMIT 1 [["uid", "867e46cc052aafc5c580d328daa475d7024328df71eedfe3d640e197f651f0ed"], ["secret", "857c7e1f887d52064703ef19852032729e321643ab4638d302ab33eb0afe1a57"]]
Completed 401 Unauthorized in 4ms
So the duplicate request issue ended up just being JavaScript, likely Turbolinks for some reason firing the request twice.
Thanks max
I have an application where users can log in to their firm's subdomain.
I use Devise, and this code redirects the user from the root domain to the subdomain.
def after_sign_in_path_for(resource_or_scope)
  scope = Devise::Mapping.find_scope!(resource_or_scope)
  subdomain_name = current_user.firm.subdomain
  if current_subdomain.nil?
    # logout of root domain and login by token to subdomain
    token = Devise.friendly_token
    current_user.loginable_token = token
    current_user.save
    sign_out(current_user)
    flash[:notice] = nil
    home_path = valid_user_url(token, :subdomain => subdomain_name)
    return home_path
  else
    if subdomain_name != current_subdomain.name
      # user not part of current_subdomain
      sign_out(current_user)
      flash[:notice] = nil
      flash[:alert] = "Sorry, invalid user or password for subdomain"
    end
  end
  super
end
It works super in Chrome, Firefox, Opera and Safari, but it does not work in IE9. I do not get any error messages. From the log I see that the user gets signed in, and when the user gets redirected to the home page he/she is unauthorized. Has anyone an idea what is going on? From the log:
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"JaffZi9f+Uyovuya8wR2u7LjG9w/3wdUDqTqONt/kFM=", "user"=>{"email"=>"andreas@lizz.no", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
User Load (0.0ms) SELECT "users".* FROM "users" WHERE "users"."email" = 'whatever@atlatis.at' LIMIT 1
(0.0ms) begin transaction
(1.0ms) UPDATE "users" SET "last_sign_in_at" = '2012-03-02 20:46:06.658370', "current_sign_in_at" = '2012-03-02 20:56:29.481286', "sign_in_count" = 41, "updated_at" = '2012-03-02 20:56:29.482286' WHERE "users"."id" = 1
[paperclip] Saving attachments.
(62.0ms) commit transaction
Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."id" = 1 LIMIT 1
Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
CACHE (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
Redirected to http://den.lvh.me:3000/
Completed 302 Found in 182ms (ActiveRecord: 0.0ms)
Started GET "/" for 127.0.0.1 at 2012-03-02 21:56:29 +0100
Processing by PrivateController#statistics as HTML
Firm Load (0.0ms) SELECT "firms".* FROM "firms" WHERE "firms"."subdomain" = 'den' LIMIT 1
Completed 401 Unauthorized in 2ms
Started GET "/users/sign_in" for 127.0.0.1 at 2012-03-02 21:56:29 +0100
Processing by SessionsController#new as HTML
Rendered devise/_links.erb (2.0ms)
Rendered devise/sessions/new.html.erb within layouts/registration (13.0ms)
Completed 200 OK in 27ms (Views: 26.0ms | ActiveRecord: 0.0ms)
If you are going across subdomains, it may be better to simply change your session cookie to be cross-domain.
Editing the session_store.rb file in initializers does this.
Babyreveal::Application.config.session_store :cookie_store,
  key: '_babyreveal_session',
  domain: ".mybabyreveal.com"
Notice the . prefix on the domain attribute. This allows the cookie to be accessible across subdomains, and the application should maintain its session across subdomains. This may not be 100% what you are looking for, but it should get you going in the right direction.
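What the domain attribute buys you can be checked against RFC 6265's domain-matching rule, which the stand-alone Ruby below implements (an added example, not the page's code; the Set-Cookie lines and host names are constructed). Browsers ignore the leading dot itself; what changes the behaviour is that a Domain attribute is present at all, turning a host-only cookie into one sent to every matching subdomain.

```ruby
require "ipaddr"

# Parse one Set-Cookie header line into name, value and lower-cased attribute names.
# Constructed input: "_babyreveal_session=abc; domain=.mybabyreveal.com; path=/; HttpOnly"
def parse_set_cookie(header)
  pair, *attrs = header.split(";").map(&:strip)
  name, value = pair.split("=", 2)
  attributes = attrs.each_with_object({}) do |attr, h|
    k, v = attr.split("=", 2)
    h[k.downcase] = v.nil? ? true : v
  end
  { name: name, value: value, attributes: attributes }
end

def ip_address?(host)
  IPAddr.new(host)
  true
rescue IPAddr::InvalidAddressError
  false
end

# RFC 6265 section 5.1.3: the request host equals the cookie domain, or ends with it
# with a "." immediately before the suffix, and the host is not an IP address.
def domain_match?(host, domain)
  host = host.downcase
  domain = domain.downcase
  return true if host == domain
  return false if ip_address?(host)
  host.end_with?(domain) && host[-domain.length - 1] == "."
end

# RFC 6265 section 5.3: no Domain attribute -> host-only cookie, returned only to the
# exact host that set it; Domain present -> leading dot dropped, every matching host gets
# it. A server may only set a domain that covers itself; browsers reject anything else.
def cookie_scope(set_cookie_header, setting_host)
  cookie = parse_set_cookie(set_cookie_header)
  domain = cookie[:attributes]["domain"]
  if domain.is_a?(String) && !domain.empty?
    domain = domain.sub(/\A\./, "")
    return nil unless domain_match?(setting_host, domain)
    { host_only: false, domain: domain }
  else
    { host_only: true, domain: setting_host.downcase }
  end
end

# Would the browser attach a cookie with this scope to a request for request_host?
def cookie_sent_to?(scope, request_host)
  return false if scope.nil?
  if scope[:host_only]
    request_host.downcase == scope[:domain]
  else
    domain_match?(request_host, scope[:domain])
  end
end

if __FILE__ == $0
  with_domain = "_babyreveal_session=abc123; domain=.mybabyreveal.com; path=/; HttpOnly"
  host_only   = "_babyreveal_session=abc123; path=/; HttpOnly"
  hosts = %w[www.mybabyreveal.com den.mybabyreveal.com mybabyreveal.com
             notmybabyreveal.com mybabyreveal.com.evil.example]
  [with_domain, host_only].each do |hdr|
    scope = cookie_scope(hdr, "www.mybabyreveal.com")   # cookie set by the www host
    puts hdr
    hosts.each { |h| puts "  #{h.ljust(32)} #{cookie_sent_to?(scope, h)}" }
  end
end
```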