Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forcing SSL for DeviseTokenAuth causes error 'new' could not be found #141

Closed
sburke56 opened this issue Feb 8, 2015 · 6 comments
Closed

Forcing SSL for DeviseTokenAuth causes error 'new' could not be found #141

sburke56 opened this issue Feb 8, 2015 · 6 comments
Labels
close-in-7-days

Comments

@sburke56
Copy link

sburke56 commented Feb 8, 2015

I am trying to enable ssl for authentication and registration. I add the following to the production.rb environment to force ssl for the DeviseTokenAuth classes but get this error. The full call stack is at the bottom. I'm guessing this is an error with my setup versus devise_token_auth but any help would be appreciated.

AbstractController::ActionNotFound (The action 'new' could not be found for DeviseTokenAuth::SessionsController):

environments/production.rb

config.to_prepare { DeviseTokenAuth::SessionsController.force_ssl }
config.to_prepare { DeviseTokenAuth::RegistrationsController.force_ssl }
config.to_prepare { DeviseTokenAuth::TokenValidationsController.force_ssl }

production.log

I, [2015-02-08T18:32:31.032943 #6890]  INFO -- : Started POST "/api/v1/auth/sign_in" for 207.244.173.30 at 2015-02-08 18:32:31 -0500
I, [2015-02-08T18:32:31.036738 #6890]  INFO -- : Processing by DeviseTokenAuth::SessionsController#create as JSON
I, [2015-02-08T18:32:31.036969 #6890]  INFO -- :   Parameters: {"email"=>"[email protected]", "password"=>"[FILTERED]", "remembe
r_me"=>0, "redirect_url"=>"http://savethesparkles.com/#/", "session"=>{"email"=>"[email protected]", "password"=>"[FILTERED]", "
remember_me"=>0, "redirect_url"=>"http://savethesparkles.com/#/"}}
I, [2015-02-08T18:32:31.038020 #6890]  INFO -- : Redirected to https://savethesparkles.com/api/v1/auth/sign_in
I, [2015-02-08T18:32:31.038269 #6890]  INFO -- : Filter chain halted as #<Proc:0x00000003a75168@/home/ubuntu/sandbox/sparkle/shared/bun
dle/ruby/1.9.1/gems/actionpack-4.1.4/lib/action_controller/metal/force_ssl.rb:65> rendered or redirected
I, [2015-02-08T18:32:31.038579 #6890]  INFO -- : Completed 301 Moved Permanently in 1ms (ActiveRecord: 0.0ms)
I, [2015-02-08T18:32:31.096425 #6890]  INFO -- : Started GET "/api/v1/auth/sign_in" for 207.244.173.30 at 2015-02-08 18:32:31 -0500
F, [2015-02-08T18:32:31.098640 #6890] FATAL -- : 
AbstractController::ActionNotFound (The action 'new' could not be found for DeviseTokenAuth::SessionsController):
  actionpack (4.1.4) lib/abstract_controller/base.rb:131:in `process'
  actionview (4.1.4) lib/action_view/rendering.rb:30:in `process'
  actionpack (4.1.4) lib/action_controller/metal.rb:196:in `dispatch'
  actionpack (4.1.4) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  actionpack (4.1.4) lib/action_controller/metal.rb:232:in `block in action'
  actionpack (4.1.4) lib/action_dispatch/routing/route_set.rb:82:in `call'
  actionpack (4.1.4) lib/action_dispatch/routing/route_set.rb:82:in `dispatch'
  actionpack (4.1.4) lib/action_dispatch/routing/route_set.rb:50:in `call'
  actionpack (4.1.4) lib/action_dispatch/routing/mapper.rb:45:in `call'
  actionpack (4.1.4) lib/action_dispatch/journey/router.rb:71:in `block in call'
  actionpack (4.1.4) lib/action_dispatch/journey/router.rb:59:in `each'
  actionpack (4.1.4) lib/action_dispatch/journey/router.rb:59:in `call'
@lynndylanhurley
Copy link
Owner

This gem doesn't use the new action.

It looks like force_ssl accepts an except param (docs are here). Can you try passing except: :new as an argument to the force_ssl method?

@milesmatthias
Copy link
Contributor

@lynndylanhurley why does mount_devise_token_auth_for write a route for the new action?

@lynndylanhurley
Copy link
Owner

https://github.com/lynndylanhurley/devise_token_auth#why-are-the-new-routes-included-if-this-gem-doesnt-use-them

@milesmatthias - removing the new route would be a large, sustained effort for a near-zero benefit.

@sburke56
Copy link
Author

@lynndylanhurley I will try and get back to this this week to answer your question. As a workaround I simply used ssl for all routes.
config.force_ssl = true

@milesmatthias
Copy link
Contributor

@lynndylanhurley that's cool, but instead of raising an exception when you get /auth/sign_in, shouldn't you return a message saying something like "Use post /auth/sign_in to sign in."

Having it raise an exception just makes the gem seem unfinished and doesn't guide the developer to what they should be doing with the unhelpful exception that gets raised.

I'll open a separate issue and send you a PR since this is slightly different than what this ticket talks about.

@milesmatthias milesmatthias mentioned this issue Mar 18, 2015
Closed
@zachfeldman
Copy link
Contributor

Hi there @sburke56 and @milesmatthias ,

In an effort to cleanup this project and prioritize a bit, we're marking issues that haven't had any activity in a while with a "close-in-7-days" label. If we don't hear from you in about a week, we'll be closing this issue. Obviously feel free to re-open it at any time if it's the right time or this was done in error!

If you are still having the issue (especially if it's a bug report) please refer to our new Issue Template to provide some more details to help us solve it.

Hope all is well.

@sburke56 sburke56 closed this as completed Oct 6, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
close-in-7-days
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sburke56 @lynndylanhurley @milesmatthias @zachfeldman