When I search a User by email, which defaults to "contains", and purposely put in something I know it won't find, it times out and I get the standard "Application Error" page, the status being 503. Logs:
heroku[router]: at=error code=H12 desc="Request timeout" method=GET path="/manage/users?utf8=%E2%9C%93&q%5Bemail_contains%5D=zamm&commit=Filter&order=id_desc" host=www.appname.com request_id=4041fb8b-c14d-45ca-bdba-280d78bac6f3 fwd="198.0.42.137" dyno=web.2 connect=1ms service=30001ms status=503 bytes=0
If I search by last_name with a name I know doesn't exist, it does what it's supposed to, renders a No User's Found message.
Any idea why it would time out searching by email but not other attributes?
Using standard ActiveAdmin filters, ie
filter :first_name
filter :last_name
filter :email
filter :role, as: :select, collection: User::ROLES
Related
In my rails 5 application I have used "devise_token_auth" gem for developing token based API's for authentication purpose. Till date everything was working good, but suddenly I am getting below error,
NoMethodError (undefined method `create_token' for #<User:0x00000002268570>
Could not find any solution on google. Below is the full error,
Started POST "/api/v1/auth/sign_in" for ::1 at 2018-06-05 16:32:34 +0530
(28.8ms) SET NAMES utf8, ##SESSION.sql_mode = CONCAT(CONCAT(##sql_mode, ',STRICT_ALL_TABLES'), ',NO_AUTO_VALUE_ON_ZERO'), ##SESSION.sql_auto_is_null = 0, ##SESSION.wait_timeout = 2147483
(11.0ms) SELECT `schema_migrations`.`version` FROM `schema_migrations` ORDER BY `schema_migrations`.`version` ASC
Processing by DeviseTokenAuth::SessionsController#create as */*
Parameters: {"email"=>"admin#example.com", "password"=>"[FILTERED]", "session"=>{"email"=>"admin#example.com", "password"=>"[FILTERED]"}}
Unpermitted parameter: :session
Unpermitted parameter: :session
User Load (12.3ms) SELECT `users`.* FROM `users` WHERE (BINARY email = 'admin#example.com' AND provider='email') ORDER BY `users`.`id` ASC LIMIT 1
Unpermitted parameter: :session
Unpermitted parameter: :session
Completed 500 Internal Server Error in 395ms (ActiveRecord: 92.9ms)
NoMethodError (undefined method `create_token' for #<User:0x00000002268570>
Did you mean? created_at):
I solved this error by using the Excluding Modules section of the docs.
# app/models/user.rb
class User < ActiveRecord::Base
# notice this comes BEFORE the include statement below
# also notice that :confirmable is not included in this block
devise :database_authenticatable, :recoverable,
:trackable, :validatable, :registerable,
:omniauthable
# note that this include statement comes AFTER the devise block above
include DeviseTokenAuth::Concerns::User
end
Including the DeviseTokenAuth::Concerns::User was what solved the undefined method problem, but I needed this section because it required confirmation (I put the include before the devise block)
After customising Devise routes, I have some issues with the routing.
Currently setup (but failing):
/me/account loads Devise::Registration#edit form
/me/account/:what routes to account_controller#edit
My routes (shortcut):
devise_for :users do
...
end
devise_scope :user do
scope "/me/account" do
get "/" => "users/registrations#edit", :as => :my_account
get "/:what" => "accounts#edit", :as => :my_account_edit
end
end
resources :accounts, :only => [:edit, :update]
Rake routes output:
activate_account GET /reactivate(.:format) users#reactivate
my_account GET /me/account(.:format) users/registrations#edit
my_account_edit GET /me/account/:what(.:format) accounts#edit
cancel GET /me/account/cancel(.:format) users/registrations#cancel
DELETE /me/account(.:format) users/registrations#destroy
edit_account GET /accounts/:id/edit(.:format) accounts#edit
account PATCH /accounts/:id(.:format) accounts#update
PUT /accounts/:id(.:format) accounts#update
Account
Since /me/account is actually showing registrations#edit ( Devise ) and all the /me/account/helpme are custom form fields
This has issues:
No notices shown on /me/account on update or failure
On failure the form is not repopulated with earlier filled in form values
Its not updating the form
/me/account/helpme goes , on form submit , to /accounts/1 ( the current user id ) and throws error
No route matches {:action=>"edit", :controller=>"accounts", :id=>"1", :what=>nil} missing required keys: [:what]
These issues are totally driving me insane. Anyone can provide me some suggestions to fix (one or more ) of these routing issues?
About form submit error.
You need to override url in your form to submit to:
<%= form_for #resource, url: my_account_edit(what: params[:what]) do |f| %>
This should be done in your views or in devise-generated views.
If you didn't generated devise views, then, just run in terminal:
rails g devise:views
EDIT
And you should tell us how your form in views looks like, and how controller handles updates of custom fields.
I'm using Authlogic with my Rails app and I can't figure out why it sometimes won't find a user based on the perishable token. It usually works, but sometimes it won't. I used this code so that users could be verified before being able to log in. However, for example right now, I'm looking at an example where the user is not being found by the perishable token even though, when I look in the DB for the user, the perishable token matches the one for the user.
The process is this:
in users_controller #create
#user.deliver_verification_instructions!(#subdomain)
in user model:
def deliver_verification_instructions!(subdomain)
reset_perishable_token!
Notifier.verification_instructions(self, subdomain).deliver!
end
in my mailer (Notifier.rb)
# email on new user registration to verify user
def verification_instructions(user,subdomain)
#user = user
#subdomain = subdomain
#url = "http://#{#subdomain.name}.foobar.com/user_verifications/#{#user.perishable_token}"
sent_on Time.now
mail(:to => "#{user.first_name} <#{user.email}>",
:subject => "Email Verification",
:from => 'Foo <info#foobar.com>') do |format|
format.text
format.html
end
end
in the email view:
Please click the following link to verify your email address:
<%= #url %>
in User_verifications controller
class UserVerificationsController < ApplicationController
before_filter :load_user_using_perishable_token
def show
#subdomain = Subdomain.find_by_user_name(current_subdomain)
if #user
#user.verify!
flash[:notice] = "Thank you for verifying your account. You may now login."
end
redirect_to home_path
end
private
def load_user_using_perishable_token
#user = User.find_using_perishable_token(params[:id])
flash[:notice] = "Unable to find your account." unless #user
end
end
The code sometimes returns "Unable to find your account." which means it's not finding the perishable token even though the token in the url in the email matches what I see in the database.
When I look at my logs on Heroku all I see it:
2013-01-11 00:10:01+00:00 app web.1 - - Started GET "/user_verifications/lTpNRnjDw4WbyAMUyw6" for 10.253.207.217/ip-10-253-207-217.eu-west-1.compute.internal at 2013-01-11 00:10:01 +0000
2013-01-11 00:10:02+00:00 heroku router - - at=info method=GET path=/user_verifications/lTpNRnjDw4WbyAMUyw6 host=mvfd.foobar.com fwd=10.253.207.217/ip-10-253-207-217.eu-west-1.compute.internal dyno=web.1 queue=0 wait=0ms connect=10ms service=1325ms status=302 bytes=96
2013-01-11 00:10:02+00:00 app web.1 - - cache: [GET /user_verifications/lTpNRnjDw4WbyAMUyw6] miss
2013-01-11 00:10:02+00:00 app web.1 - - Processing by UserVerificationsController#show as HTML
2013-01-11 00:10:02+00:00 app web.1 - - Parameters: {"id"=>"lTpNRnjDw4WbyAMUyw6"}
2013-01-11 00:10:02+00:00 app web.1 - - Redirected to http://mvfd.foobar.com/home
2013-01-11 00:10:02+00:00 app web.1 - - Completed 302 Found in 1008ms
Thanks for any assistance you can provide!
Authlogic expires perishable tokens after 10 minutes by default (for security) so it is likely that some users are following the password reset link after it has expired.
You can change this setting in your User model:
class User < ActiveRecord::Base
acts_as_authentic do |config|
config.perishable_token_valid_for = 1.hour
end
end
https://github.com/binarylogic/authlogic/blob/master/lib/authlogic/acts_as_authentic/perishable_token.rb#L15-L25
OR, pass a different expiration value in to the find_using_perishable_token method in your controller:
#user = User.find_using_perishable_token(params[:id], 1.hour)
https://github.com/binarylogic/authlogic/blob/master/lib/authlogic/acts_as_authentic/perishable_token.rb#L55-L63
Make sure to consider the risk of increasing the expiration value depending on the security requirements of your application.
I have a form with <%= text_field_tag "mykey" %>. The user enters myvalue and submits. How to get this value when the POST request hits the Rails server?
I can see myvalue passing in the POST request:
Started POST "/assessments" for 127.0.0.1 at 2011-07-08 20:04:41 +0900
Processing by AssessmentsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"...", "mykey"=>"myvalue"}
But how can I read this value in my controller?
In AssessmentsController#create, first thing I do is log the params, and it is unfortunately empty:
logger.debug session[:assessment_params].collect {|k,v| "#{k}: #{v}"}.join
Note: I can not use text_field instead of text_field_tag, because of another issue.
If your form isn't a model form, which appears to be the case, you just want params[:mykey].
I have a resource defined like so:
resources :referrals, :except => [:show, :edit, :destroy]
and I'd like to replace (not just add a named route) a default route that Rails produces, specifically the one for the update action.
Here is my rake routes:
referrals GET /referrals(.:format) {:action=>"index", :controller=>"referrals"}
POST /referrals(.:format) {:action=>"create", :controller=>"referrals"}
new_referral GET /referrals/new(.:format) {:action=>"new", :controller=>"referrals"}
referral PUT /referrals/:id(.:format) {:action=>"update", :controller=>"referrals"}
share /share(.:format) {:controller=>"referrals", :action=>"new"}
special /special(.:format) {:controller=>"referrals", :action=>"index"}
thanks /thanks(.:format) {:controller=>"pages", :action=>"thanks"}
/:shortlink(.:format) {:controller=>"referrals", :action=>"update"}
/:linktext(.:format) {:controller=>"referrals", :action=>"update"}
root /(.:format) {:controller=>"pages", :action=>"home"}
I'd like either the
/:shortlink(.:format)
or
/:linktext(.:format)
to hit the update action, but not the
/referrals/:id(.:format)
This is to implement a form of non-password "security". When the PUT goes to the update action, I want certain things to happen, but I don't want to require authorization to do this, and I don't want to allow easy guessing of the url based on controller name and simple low-numbered ids.
How can I fully replace the default route given by rails?
resources :referrals, :except => [:show, :edit, :destroy, :update]
match "/whatever_you_want/:variable_here" => "referrals#updated", :as=> the_link, :via=> :put
then in your controller you will access the param with
params[:variable_here]
here the param is whatever you want to compare against in the db, and the path will be create like this:
the_link_path or the_link_url
the :via part will constrain the path per HTTP method so only put request will match
more info here
http://guides.rubyonrails.org/routing.html