search

helpyio / helpy

Helpy is a modern, open source helpdesk customer support application. Features include knowledgebase, community discussions and support tickets integrated with email.
http://helpy.io/?source=ghh
MIT License
2.37k stars 498 forks source link

Error: ActionController::InvalidAuthenticityToken on receiving inbound email #925

Open robguthrie opened 6 years ago

robguthrie commented 6 years ago

Hello, thanks for the fantastic tool. We're considering using Helpy to manage support requests at Loomio.

A key requirement for us is to keep our user data under our control, and we love to support open source tools.

I see there is a little support for mailin as a griddler email processor, but I'm having trouble using it.

I've added a mailin container to my docker-compose.yml file, and configured it to post to helpy:8080/email_processor, I've also configured helpy to use mailin as the inbound email handler and upgraded griddler to the latest verison (1.5.0)

I'm getting the following exception:

helpy          | Error during failsafe response: ActionController::InvalidAuthenticityToken
helpy          |   /usr/local/bundle/gems/actionpack-4.2.10/lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
helpy          |   /usr/local/bundle/gems/actionpack-4.2.10/lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
helpy          |   /usr/local/bundle/gems/devise-3.5.6/lib/devise/controllers/helpers.rb:257:in `handle_unverified_request'
helpy          |   /usr/local/bundle/gems/actionpack-4.2.10/lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
and so on

I'm surprised that rails is checking for an authenticity token on the inbound email route.. Any ideas how to disable this?

Btw, We'd love to become a helpy sponsor.

scott commented 6 years ago

Hey @robguthrie-

I have not done a whole lot with Mailin myself so I cannot be too much of a resource there, although if you post up your compose.yml I would be happy to take a look. FYI, I have seen that exception occur when in fact the problem was something entirely unrelated in Helpy. I have not taken the time to figure out why that happens, but just a word of warning that the exception may not be what is breaking the integration. Can you shoot me a note at scott at helpy.io regarding sponsorship?

robguthrie commented 6 years ago

Cool!

Here's my docker-compose: https://gist.github.com/robguthrie/7235b7349bf3c55c275330d9822cef9e

As far as I can tell the email_processor action is requiring an authenticity token, which seems super weird. I'm a massive fan of mailin, it's so much better than a 3rd party handling your emails, I'd be happy to improve support for it within helpy.

scott commented 6 years ago

Also... there is an IMAP strategy which also handles incoming email by getting email from a known inbox. That not currently in master, but but it works well and also keeps you in complete control of your mail as well.

robguthrie commented 6 years ago

That sounds good, would be keen to try it.