Open psprojectC opened 6 months ago
I did some more playing around. I spun up the server from the main branch and looked into what gets stored into redis:
owner@DESKTOP-G91GA1P:~$ redis-cli
127.0.0.1:6379> scan 0
1) "0"
2) (empty array)
127.0.0.1:6379> get 0
(nil)
127.0.0.1:6379> scan 0
1) "0"
2) 1) "tf89q1K9FP8dmTwWE45htzgym2RLlg0SE2SywvRXVG3bUbC1LOm2UL8uYqBUvQ0Q"
127.0.0.1:6379> get tf89q1K9FP8dmTwWE45htzgym2RLlg0SE2SywvRXVG3bUbC1LOm2UL8uYqBUvQ0Q
"{\"user_id\":\"\\\"ddf8994f-d522-4659-8d02-c1d479057be6\\\"\"}"
127.0.0.1:6379> monitor
OK
1703677311.854702 [0 <hidden ip>:49076] "SET" "Xjy7LBxUABf1xbJQ1Klngl0rLt0DpEou2JFJXue2t2FmudtHOBlvAaIJg2wVxbG8" "{\"user_id\":\"\\\"ddf8994f-d522-4659-8d02-c1d479057be6\\\"\"}" "NX" "EX" "86400"
I tried to log in twice. First time was without monitoring, second time was with monitoring enabled. Maybe I'm getting something wrong, but my understanding is we use user_id
to retrieve the session auth token. But in the redis itself user_id
is part of JSON that gets stored against those long ass keys. And looking at the code I'm not sure which of those admin_dashboard
is trying to get.
Hotfixed by: https://github.com/LukeMathWalker/zero-to-production/issues/234#issuecomment-1825106004 Although that's far from ideal because it makes cookies less secure
I've been following the book up to the implementation of logging into /dashboard (page 371). After introducing the seeded user I cannot log into /dashboard. I have a reason to believe that the credentials are correct:
We can observe that there is indeed a redirect to dashboard which doesn't happen if I mess up the credentials. My assumption is
actix_session
fails in some way, if we look at the logs I've captured theuserId
key (I use camelCase in my version) is indeed stored in the session, but when it's time to retrieve it back the session is for some reason empty:(I log them as ERROR so that it appears as red in the logs and is easier to spot)
I repeated this experiment with the main branch version of the app. After cloning it, running both init scripts (and changing the host in
local.yaml
from 127.0.0.1 to 0.0.0.0) I get the same behavior. I'll attach the logs (with minor edits):I'd really appreciate any help with tracking this problem down. Conversely, if this is a problem on my end such as misconfiguration or something of this sort I'm really sorry for using an issue incorrectly.