After restarting a Rails app in production environment and submitting a login form for the first time the application throws an "ActionController::InvalidAuthenticityToken" error.
After the first form submit everything works fine.
The application only logs the action and controller parameters for the first request: {"action"=>"create", "controller"=>"user_sessions"}. All the form parameters, including the authenticity token don't show up, which would explain the error message. Looking at that first form submit post request on the client side I confirmed that the form is submitted correctly (all the parameters are posted correctly)
Production setup gist: Rails 2.3.3, Apache2, Mongrel Cluster, default cookie session store
Local development environment does not have the same issue.
Related
I have a rails app with sorcery for authentication. I'm trying to get Stripe checkout integrated but I'm seeing an issue with Safari. Works fine with Chrome and Firefox.
I can successfully create a Stripe hosted checkout page with the cancel url and the stripe js sends me there in the same browser tab. Problem is when I click on the cancel/back link on the checkout page it goes back to my app and punts me to the login page as it can't find the session and current_user is nil.
Funny thing is that on the login page if I simply type in the cancel url into the address bar it authenticates me successfully so it must find the original session/cookie.
Has anyone encountered this? Is it a caching issue? I see no errors in the log nor in the js console. Just this in the server log...
Filter chain halted as :require_login rendered or redirected
And it's nothing to do with Stripe either as I created a simple test.html page on another server and different domain with a link to the cancel url. Same result. I see the same issue going from https back to my localhost server as well as in a staging environment https -> https.
I've also cleared my Safari cache, history, cookies, restarted the browser and my computer and cleared the rails sessions table to no avail. I'm using activerecord session store but also tried with plain cookies.
Any hints/solutions would be appreciated. Thanks!
This is apparently a known bug with Safari as of Feb 19 2021. Safari won't send the cookie if it's set to Lax. Rails 6 defaults are lax now where < 6 is wasn't set.
I am very new to ruby on rails. In my rails app, when the user logs in, I need to redirect him along with some info related to the user to an external application( a https url which ends in .action) using POST. Since redirection is a GET request, can somebody give me some pointers?
You can send a POST requests to an external application easily using the HTTParty gem
I have a rails app with one form. After saving that form all data will be send in an email id. Form is working great in development side. But after deploying the app it doesn't work. It's giving the following error in the browser.
We're sorry, but something went wrong.
If you are the application owner check the logs for more information.
In this application I have another contact us form. That form work fine after deployment in production side.
Everything works fine in a development/localhost environment.
When deploying to heroku, using sandbox/test credentials on a new app, and creating a new payment I am getting
A PayPal::SDK::Core::Exceptions::UnauthorizedAccess occurred in orders#create:
Failed. Response code = 401. Response message = Unauthorized.
Again, everything thing works in a development environment
Should I permit any specific domains (like in Facebook integration)?
If you are running a Rails application on a public server, there is quite a chance that the Rails environment is set to "production".
If you further use the config/initializers/paypal.rb and config/paypal.yml generated by the Paypal API SDK's standard generator, then:
the initializer loads configuration for the current Rails environment, which is "production"
and in the production configuration one important line presumes that you want to run on the live API
So most probably you are attempting to communicate with the live API without knowing it. Changing the line to mode: sandbox should make you happy.
I had this problem and I called Paypal. It was a config problem in my account.
To resolve I went to https://developer.paypal.com, logged in, Then clicked on Dashboard Then on my account (left) The Direct credit cards has a grey x next to it so you have to click the link next to it that reads Enable live credentials Once you do this you have to answer some verification questions then they approve your account then your live and the unauthorized error goes away.
I am using Devise and it sends out a confirmation email when a new user account is created. Since I am in development, in localhost, it doesn't really send out the email, so I just copy the confirmation link from the server info that appears on the console.
The thing is, as one particular page grew, the amount of information that the server processes after the email is sent became too large for the terminal, the backscroll ends before I reach the link. I checked /log/development.log but it logs other things. I studied the config and debug parts of the rails doc but I couldn't find anything about server logging.
So now I have no way of copying the confirmation link from the console, and no way of confirming new accounts, which I still need to do since it is part of the proposed flow.
How can I get the server logs?