search

phatworx / devise_security_extension

An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.
MIT License
747 stars 346 forks source link

Captchas doesnt work #167

Open beranPro opened 8 years ago

beranPro commented 8 years ago

Hi, i'm getting following error when i'm trying to log in with captchas enabled. In the better errors console the code work fine. Any suggestions?

Processing by Devise::SessionsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"1VpjBtpi4x2zgURGfWoBEffx5sdzkP/SVtzLBnLzlRUXlDp9DBztFa5FlO2fK5Tl4wsWRBjQajJZtPUbWWqm6w==", "user"
=>{"email"=>"user@example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in", "captcha"=>"RGRZME"}
Completed 500 Internal Server Error in 1ms (ActiveRecord: 0.0ms)

ArgumentError - wrong number of arguments (0 for 1):
  devise_security_extension (0.10.0) lib/devise_security_extension/patches/sessions_controller_captcha.rb:7:in `block (2 levels) in <module:Sessions
ControllerCaptcha>'
  actionpack (4.2.6) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
  actionpack (4.2.6) lib/abstract_controller/base.rb:198:in `process_action'
  actionpack (4.2.6) lib/action_controller/metal/rendering.rb:10:in `process_action'
...

My config/initializers/devise_security_extension.rb

Devise.setup do |config|
  # ==> Security Extension
  # Configure security extension for devise

  # Should the password expire (e.g 3.months)
  config.expire_password_after = 9.months

  config.captcha_for_sign_in = true
end

Model: app/models/user.rb

class User < ActiveRecord::Base
  devise :invitable, :database_authenticatable, :registerable, :confirmable,
         :recoverable, :rememberable, :trackable, :validatable, :password_expirable#, :security_questionable#, :password_archivable
end

Installed Versions:

dmz006 commented 8 years ago

I was having the same problem, then downgraded devise_security_extension from 0.10.0 to 0.9.2 and captcha worked again. I've not diff'd the versions to see what's changed but that'll get it working for you.

dmz006 commented 8 years ago

I disabled the devise captchas and decided to use google recaptcha which worked fine for me as well. https://github.com/plataformatec/devise/wiki/How-To:-Use-Recaptcha-with-Devise

jujulisan commented 8 years ago

I have other error with easy captcha. When I did not fill all fields it works, but when I fill password and login in sign in, the app don't ask for captcha.

config/initializers/deviser.rb # captcha integration for sign in form config.captcha_for_sign_in = true

model user.rb devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable, :lockable, :omniauthable, :secure_validatable, :session_limitable

view <%= captcha_tag %> <%= text_field_tag :captcha %>