So logging in to my site has suddenly stopped working... I haven't changed the login form and yet every time I try to log in now it comes back with 'Invalid email or password'. Using a password reset link allows me to change the password and logs me in but if I log out again and try using the password I just set it doesn't work.
I'm absolutely tearing my hair out, I've run out of ideas and it's 2am here so everything's looking pretty bleak. Just some ideas about how I might debug the problem would be great.
Thanks!
So, as is often the case, this was just me being an idiot. Note to self: don't just casually run bundle update without thinking about it and without specifying the actual gem you're interested in, unless you've got a lot of free time and a plentiful supply of Prozac.
When I do get around to deliberately upgrading Devise, this is what I'll need: https://github.com/plataformatec/devise/wiki/How-To:-Upgrade-to-Devise-2.0
It's great working from home, riding solo on projects, but I do miss being part of a team - just having someone to talk to about issues that crop up really helps and keeps you out of a mental rut. StackOverflow is my team now, you lucky people, I'll make the coffees.
If the password is correct and you can't login then it points to maybe your password salt or password pepper logic having changed?
In the future, you should have a request test on you signup form so you can catch this when your code changes. Writing a test might help you debug your issue as well. I recommend Capybara for integration testing.
Related
I've been asked to implement 2FA with email codes, like you get from Steam (and many banks), after you haven't logged in for awhile. I initially thought this would have been a flag I could turn on in the Devise config, but I can't find ANY place on the internet that talks about something like this. The desired process would be to generate and email a one-time pad to enter into a confirmation screen. Every reference I've found to 2FA with Devise refers to using things like SMS or an authenticator app.
Working within the framework of Devise, it seems like this might possibly boil down to unconfirming the user every so often, maybe like every other day. That way, the next time they log in, they get another email with a new link to "re-"confirm the login. The best I can find is Warden::Manager.after_authentication to set user.confirmed_at = nil, but this doesn't seem to be doing what I want.
Thanks to a friendly person on Github, I was directed to the Devise plugin, https://github.com/Houdini/two_factor_authentication, which does exactly what I wanted. I knew someone had to have already written it!
I'm a newbie to development and I've been trying to debug something and haven't had much luck. Please bare with rookie knowledge.
I have built a small and simple rails app that I deployed on heroku where you have to sign up as a user by creating a profile, after which you can enter an address or zipcode to find the nearest gyms in your vicinity, which triggers the google places/geocoder api and brings you some results. The app works fine, but for some reason the version on heroku by default has a user that is stored or cached? when I land on my page. I did heroku pg:psql to check and I dont even see that user in my heroku database. On my local environment it works fine and no users are shown by default on the root page of my app when I run my server.
I looked at older threads on SO and I saw somebody saying to type heroku run rake tmp:clear but that gave me this response:
Running `rake tmp:cache:clear` attached to terminal... up, run.3757
stty: standard input: unable to perform all requested operations
Any advice/help is greatly appreciated. I only have about two weeks worth of rails knowledge! Thank you.
Solved! I thought it was related to my code or some inconsistency that happened while I deployed! I stupidly had saved that user when I originally created him when my browser(chrome) prompted me, save password for user? I should have just chosen never or closed out of it. I just when into my settings and manage passwords and deleted the fact that I had chosen to save it. I love how answers get solved right after you ask for help.
I did a major code update, and post which all email/passwords have stopped working.
Not sure what to do, or what the issue is, want to get an idea of what could be possible reasons for this.
Its working fine for any new signups or any passwords that are reset.
Possible issues could be:
1. I changed the session store to activerecord from cookie session store
Do you use git?
If yes you can view the difference between the new code and the old one.
Then you should be able to track down the changes fix the bugs.
You need the command.
git diff
I restarted my production webserver tonight because it was seeming slow. Since it has come back up, no users are able to get to any views with the [Authorize] attribute on them.
There has been absolutely no code changes since November. Not a single tweak or modification of any kind. I'm using the SqlMembership provider and I originally thought the issue was there with the login, but I can see that the call to MembershipProvider.ValidateUser() passes successfully (looked at a SQL trace as well as some logging). After login, I redirect the user to a view decorated with [Authorize] and get denied.
One thing to note that even makes this more strange is that if I register a new user (who gets logged in as part of the user creation process), they are able to get to [Authorize] pages just fine. But if they log out, they are unable to access the [Authorize] pages once they log back in.
I'm pulling my hair out on this one. My production site is down and literally the only thing I did was a simple server restart. I've searched around for hours and at this point have no clue what to even look into next.
If anybody has a some ideas I'd greatly appreciate them - I'm at a complete loss and have a ton of users impacted.
Well, a few windows updates later the issue fixed itself. My guess is there was an update applied but pending reboot that hosed everything up when I restarted. Then when it came back the system found a bunch more windows updates to apply. I ran through these and it fixed the problem upon the next reboot after these were applied.
I am currently working on a Rails project where I am encountering an extremely weird issue with Devise . Initially my client wanted me to have a two step registration i.e. a user fills out a basic information on website and than receive a confirmation link (Confirmable module). The confirmation link is going to take the user to the second step of registration where the user is going to fill out the rest of the important information needed to use the application. This was implemented successfully and was working great.
Recently my client decided to change this behaviour and just have one user registration page and no confirmation email being sent to user. I reverted all the Devise Controllers I modified to get the default behaviour and now there is an extremely weird behaviour in application. If I go to Sign up page and submit the form with user information it redirects back to the sign up page and also sign in the user. So the header changes to the one for signed in user but the page rendered is the registration page where as at the very basic level it should at least redirect the signed in user to the root path.
Same is the case with login page. The user gets signed in but keeps on getting redirected to the same login page. So far I have tried the following workarounds and none of them seems to work :
Devise Wiki
How To: Redirect to a specific page on successful sign in and sign out
Stackoverflow question
Also in addition to this I have not left even one single stackoverflow answer that resembles the problem I am having and also went through the issues in devise repo as well articles to see if I can find a clue to get this to work properly but none of them seems to resolve the issue.
I am working on this for almost two days now and none of the solutions are working out for me. Is there anyone else who also encountered this issue ? If so what was the solution to fix it.
Any help to resolve this issue would be very appreciated.
Note : I am also using Active Admin as well in this application which was implemented after I implemented the user registration flow. Is there anything I need to take care off on that side to resolve this issue ?
Thanks
I ended up reimplementing the devise gem with couple of custom configurations to get this working.