Topic: 302 after moving rails app

I had a rails site working and had to move servers, after the move our restful_authentication stopped working.

In short here is whats happening:


When a user logs in, they are just redirected back to the login page.

If I check the logs, The controller action they are trying to go to fails.

Filter chain halted as [:login_required] rendered_or_redirected.
Completed in 1ms (DB: 0) | 302 Found


So we are getting a 302  temporally moved


If I remove the before filter from the controller, the same url now works and I get a 200 ok.


So something is not working right and I am 100% lost on were to start looking.

Its like its not sending the fact that a user is logged in to the other controllers (session cookie  issue ?)



--->  In my session controller I have this

 def create
   logout_keeping_session!
   user = User.authenticate(params[:login], params[:password])
   if user
     # Protects against session fixation attacks, causes request forgery
     # protection if user resubmits an earlier form using back
     # button. Uncomment if you understand the tradeoffs.
     # reset_session
     self.current_user = user
     new_cookie_flag = (params[:remember_me] == "1")
     handle_remember_cookie! new_cookie_flag
     if current_user.is_admin
       redirect_to(main_action_path)
     else
       redirect_back_or_default(:controller=> "navigation", :action=> "show")
     end
     flash[:notice] = "Logged in successfully"
   else
     flash.now[:error] = "Could not validate Username/Password"
     note_failed_signin
     @login       = params[:login]
     @remember_me = params[:remember_me]
     render :action => 'new'
   end
 end

and under the   if current_user.is_admin  I can redirect them to say google and this works.  When a user logged is the current_user.is_admin  does fire and will send them where the redirect is set.

     if current_user.is_admin
       redirect_to("http://www.google.com")
     else

If its set to a controller that uses the before_filter: login_required  then I get the 302 and filter chain error.

     if current_user.is_admin
       redirect_to(main_action_path)
     else

Not sure whats where here or where to start debugging this.

Last edited by deploy_routes (2011-12-20 16:59:37)

Re: 302 after moving rails app

Are you using active record session store or cookie based session store or something else?

Joe got a job, on the day shift, at the Utility Muffin Research Kitchen, arrogantly twisting the sterile canvas snout of a fully charged icing anointment utensil.

Re: 302 after moving rails app

Base Cookie store and I have

environment.rb

config.action_controller.session = { 
  :session_key => '_my_app_session', 
  :secret      => 'some_really_long_and_hashed_key' 
}

Re: 302 after moving rails app

And that did NOT change when you moved the app?  You just copied the app in it's entirety?

Do you implement the 'remember me?' functionality, it's in the code,  but do you actually have :remember_me in your view when a user logs in? 

Have you tried a user that you know has never checked :remember_me, if you're using it?

You could UNcomment the reset_session and see if that changes anything.

Joe got a job, on the day shift, at the Utility Muffin Research Kitchen, arrogantly twisting the sterile canvas snout of a fully charged icing anointment utensil.

Re: 302 after moving rails app

The app was copied in its entirety, I did not change the session_key or the secret.

I think the entire app is working except for the authentication.   I removed the before filter for the user controller so I could create a new user from the admin panel.  I created a new user that did not exist in the old system and tried to log into the new system. Same result .. the routes return a 302 if they are protected by :login_required

The remember me is not present in the view

       <% form_tag session_path do -%>
       <fieldset>
       <p><%= label_tag 'Username' %><br />
       <%= text_field_tag 'login', @login, :class => 'text'%></p>

       <p><%= label_tag 'password' %><br/>
       <%= password_field_tag 'password', nil, :class => 'text' %></p>
       <p><%= submit_tag 'Login' %></p>
       </fieldset>
       <% end -%>

I am going to "UNcomment the reset_session and see if that changes anything."   
Thank you for your help so far, this has really been bugging me.

Re: 302 after moving rails app

deploy_routes wrote:

I am going to "UNcomment the reset_session and see if that changes anything."

Nothing, had no affect.

Re: 302 after moving rails app

Hmm, I'm stumped then

see if this helps:

http://blog.smartlogicsolutions.com/200 … r-cookies/

Joe got a job, on the day shift, at the Utility Muffin Research Kitchen, arrogantly twisting the sterile canvas snout of a fully charged icing anointment utensil.