Closed andrewhavens closed 9 years ago
Could you paste your Gemfile? We've made a lot of change a few days ago.
Gemfile.lock will be better here IMHO.
2015-07-19 23:35 GMT+02:00 Brice Sanchez notifications@github.com:
Could you paste your Gemfile? We've made a lot of change a few days ago.
— Reply to this email directly or view it on GitHub https://github.com/refinery/refinerycms-authentication-devise/issues/5#issuecomment-122708333 .
Yes @simi, both are the best ;)
GIT
remote: https://github.com/refinery/refinerycms
revision: 9253deaefe7351913cfbf149033773254361f0f0
branch: master
specs:
refinerycms (3.0.0)
refinerycms-core (= 3.0.0)
refinerycms-images (= 3.0.0)
refinerycms-pages (= 3.0.0)
refinerycms-resources (= 3.0.0)
refinerycms-core (3.0.0)
actionpack (>= 4.1.5, < 5.0)
activerecord (>= 4.1.5, < 5.0)
awesome_nested_set (~> 3.0.0)
coffee-rails (~> 4.0, >= 4.0.0)
decorators (~> 2.0.0)
jquery-rails (>= 2.3.0)
jquery-ui-rails (~> 5.0.0)
railties (>= 4.1.5, < 5.0)
refinerycms-i18n (~> 3.0.0)
sass-rails (>= 4.0, < 5.1)
truncate_html (~> 0.9)
will_paginate (~> 3.0.2)
zilch-authorisation
refinerycms-images (3.0.0)
dragonfly (~> 1.0.0)
refinerycms-core (= 3.0.0)
refinerycms-pages (3.0.0)
awesome_nested_set (~> 3.0.0)
babosa (!= 0.3.6)
friendly_id (~> 5.1.0)
globalize (>= 4.0.0, < 5.2)
refinerycms-core (= 3.0.0)
seo_meta (~> 2.0.0.rc.1)
speakingurl-rails (~> 1.1.2)
refinerycms-resources (3.0.0)
acts_as_indexed (~> 0.8.0)
dragonfly (~> 1.0.0)
refinerycms-core (= 3.0.0)
GEM
remote: https://rubygems.org/
specs:
actionmailer (4.2.3)
actionpack (= 4.2.3)
actionview (= 4.2.3)
activejob (= 4.2.3)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 1.0, >= 1.0.5)
actionpack (4.2.3)
actionview (= 4.2.3)
activesupport (= 4.2.3)
rack (~> 1.6)
rack-test (~> 0.6.2)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (4.2.3)
activesupport (= 4.2.3)
builder (~> 3.1)
erubis (~> 2.7.0)
rails-dom-testing (~> 1.0, >= 1.0.5)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
activejob (4.2.3)
activesupport (= 4.2.3)
globalid (>= 0.3.0)
activemodel (4.2.3)
activesupport (= 4.2.3)
builder (~> 3.1)
activerecord (4.2.3)
activemodel (= 4.2.3)
activesupport (= 4.2.3)
arel (~> 6.0)
activesupport (4.2.3)
i18n (~> 0.7)
json (~> 1.7, >= 1.7.7)
minitest (~> 5.1)
thread_safe (~> 0.3, >= 0.3.4)
tzinfo (~> 1.1)
acts_as_indexed (0.8.3)
addressable (2.3.8)
arel (6.0.2)
awesome_nested_set (3.0.2)
activerecord (>= 4.0.0, < 5)
babosa (1.0.2)
bcrypt (3.1.10)
binding_of_caller (0.7.2)
debug_inspector (>= 0.0.1)
builder (3.2.2)
byebug (5.0.0)
columnize (= 0.9.0)
coffee-rails (4.1.0)
coffee-script (>= 2.2.0)
railties (>= 4.0.0, < 5.0)
coffee-script (2.4.1)
coffee-script-source
execjs
coffee-script-source (1.9.1.1)
columnize (0.9.0)
debug_inspector (0.0.2)
decorators (2.0.1)
railties (>= 4.0.0, < 5.0.0)
devise (3.5.1)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 3.2.6, < 5)
responders
thread_safe (~> 0.1)
warden (~> 1.2.3)
dragonfly (1.0.10)
addressable (~> 2.3)
multi_json (~> 1.0)
rack (>= 1.3.0)
erubis (2.7.0)
execjs (2.5.2)
friendly_id (5.1.0)
activerecord (>= 4.0.0)
globalid (0.3.5)
activesupport (>= 4.1.0)
globalize (5.0.1)
activemodel (>= 4.2.0, < 4.3)
activerecord (>= 4.2.0, < 4.3)
i18n (0.7.0)
jbuilder (2.3.1)
activesupport (>= 3.0.0, < 5)
multi_json (~> 1.2)
jquery-rails (4.0.4)
rails-dom-testing (~> 1.0)
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
jquery-ui-rails (5.0.5)
railties (>= 3.2.16)
json (1.8.3)
loofah (2.0.2)
nokogiri (>= 1.5.9)
mail (2.6.3)
mime-types (>= 1.16, < 3)
mime-types (2.6.1)
mini_portile (0.6.2)
minitest (5.7.0)
multi_json (1.11.2)
nokogiri (1.6.6.2)
mini_portile (~> 0.6.0)
orm_adapter (0.5.0)
quiet_assets (1.1.0)
railties (>= 3.1, < 5.0)
rack (1.6.4)
rack-test (0.6.3)
rack (>= 1.0)
rails (4.2.3)
actionmailer (= 4.2.3)
actionpack (= 4.2.3)
actionview (= 4.2.3)
activejob (= 4.2.3)
activemodel (= 4.2.3)
activerecord (= 4.2.3)
activesupport (= 4.2.3)
bundler (>= 1.3.0, < 2.0)
railties (= 4.2.3)
sprockets-rails
rails-deprecated_sanitizer (1.0.3)
activesupport (>= 4.2.0.alpha)
rails-dom-testing (1.0.6)
activesupport (>= 4.2.0.beta, < 5.0)
nokogiri (~> 1.6.0)
rails-deprecated_sanitizer (>= 1.0.1)
rails-html-sanitizer (1.0.2)
loofah (~> 2.0)
rails-i18n (4.0.4)
i18n (~> 0.6)
railties (~> 4.0)
railties (4.2.3)
actionpack (= 4.2.3)
activesupport (= 4.2.3)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rake (10.4.2)
rdoc (4.2.0)
refinerycms-acts-as-indexed (2.0.1)
acts_as_indexed (~> 0.8.0)
decorators (~> 2.0.0)
refinerycms-core (~> 3.0.0)
refinerycms-authentication-devise (1.0.1)
actionmailer (~> 4.2, >= 4.2.0)
devise (~> 3.0, >= 3.2.4)
friendly_id (~> 5.1.0)
refinerycms-core (~> 3.0, >= 3.0.0)
refinerycms-i18n (3.0.1)
rails-i18n (~> 4.0.1)
routing-filter (>= 0.4.0)
refinerycms-wymeditor (1.0.6)
refinerycms-core (~> 3.0, >= 3.0.0)
responders (2.1.0)
railties (>= 4.2.0, < 5)
routing-filter (0.5.0)
actionpack (~> 4.2)
activesupport (~> 4.2)
sass (3.4.16)
sass-rails (5.0.3)
railties (>= 4.0.0, < 5.0)
sass (~> 3.1)
sprockets (>= 2.8, < 4.0)
sprockets-rails (>= 2.0, < 4.0)
tilt (~> 1.1)
sdoc (0.4.1)
json (~> 1.7, >= 1.7.7)
rdoc (~> 4.0)
seo_meta (2.0.0.rc.1)
railties (>= 3.0.0)
speakingurl-rails (1.1.5)
railties (>= 3.1)
spring (1.3.6)
sprockets (3.2.0)
rack (~> 1.0)
sprockets-rails (2.3.2)
actionpack (>= 3.0)
activesupport (>= 3.0)
sprockets (>= 2.8, < 4.0)
sqlite3 (1.3.10)
thor (0.19.1)
thread_safe (0.3.5)
tilt (1.4.1)
truncate_html (0.9.3)
turbolinks (2.5.3)
coffee-rails
tzinfo (1.2.2)
thread_safe (~> 0.1)
uglifier (2.7.1)
execjs (>= 0.3.0)
json (>= 1.8.0)
warden (1.2.3)
rack (>= 1.0)
web-console (2.2.1)
activemodel (>= 4.0)
binding_of_caller (>= 0.7.2)
railties (>= 4.0)
sprockets-rails (>= 2.0, < 4.0)
will_paginate (3.0.7)
zilch-authorisation (0.0.1)
PLATFORMS
ruby
DEPENDENCIES
byebug
coffee-rails (~> 4.1.0)
jbuilder (~> 2.0)
jquery-rails
quiet_assets
rails (= 4.2.3)
refinerycms!
refinerycms-acts-as-indexed (~> 2.0, >= 2.0.0)
refinerycms-authentication-devise (~> 1.0)
refinerycms-wymeditor (~> 1.0, >= 1.0.6)
sass-rails (~> 5.0)
sdoc (~> 0.4.0)
spring
sqlite3
turbolinks
uglifier (>= 1.3.0)
web-console (~> 2.0)
BUNDLED WITH
1.10.5
source 'https://rubygems.org'
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '4.2.3'
# Use sqlite3 as the database for Active Record
group :development, :test do
gem 'sqlite3'
end
# Use SCSS for stylesheets
gem 'sass-rails', '~> 5.0'
# Use Uglifier as compressor for JavaScript assets
gem 'uglifier', '>= 1.3.0'
# Use CoffeeScript for .coffee assets and views
gem 'coffee-rails', '~> 4.1.0'
# See https://github.com/rails/execjs#readme for more supported runtimes
# gem 'therubyracer', platforms: :ruby
# Use jquery as the JavaScript library
gem 'jquery-rails'
# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
gem 'turbolinks'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
gem 'jbuilder', '~> 2.0'
# bundle exec rake doc:rails generates the API under doc/api.
gem 'sdoc', '~> 0.4.0', group: :doc
# Use ActiveModel has_secure_password
# gem 'bcrypt', '~> 3.1.7'
# Use Unicorn as the app server
# gem 'unicorn'
# Use Capistrano for deployment
# gem 'capistrano-rails', group: :development
group :development, :test do
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
gem 'byebug'
# Access an IRB console on exception pages or by using <%= console %> in views
gem 'web-console', '~> 2.0'
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
gem 'spring'
end
gem 'refinerycms', git: 'https://github.com/refinery/refinerycms', branch: 'master'
gem 'quiet_assets', group: :development
# Add support for searching inside Refinery's admin interface.
gem 'refinerycms-acts-as-indexed', ['~> 2.0', '>= 2.0.0']
# Add support for Refinery's custom fork of the visual editor WYMeditor.
gem 'refinerycms-wymeditor', ['~> 1.0', '>= 1.0.6']
# The default authentication adapter
gem 'refinerycms-authentication-devise', '~> 1.0'
I didn't have this error with https://github.com/bricesanchez/spree-refinery-authentication.
I could try tomorrow after a bundle update.
It works for me on my project with spree and spree-refinery-authentication.
Critical line is "Can't verify CSRF token authenticity". Works when you are creating a new user, but not for any subsequent log in. Oddly, this only occurs in our dev environment.
Hi, I faced with the same bug. Looks that I found the root cause. Devise will delete _csrf_token in subsequent calls of detect_authentication_devise_user and this will lead to "Can't verify CSRF..." during login. See callchain:
after delete _csrf_token {"session_id"=>"eeb996e15bfac4fbac8857e215186e14", "flash"=>{"discard"=>["notice"], "flashes"=> {"notice"=>"Signed out successfully."}}, "return_to"=>"/refinery", "warden.user.authentication_devise_user.key"=>[[1], "$2a$10$Xp9PMlQWx8D.osz4y22Zbe"]} C:/Ruby21/lib/ruby/gems/2.1.0/gems/activesupport-4.2.3/lib/active_support/core_ext/object/try.rb:77:in
public_send' C:/Ruby21/lib/ruby/gems/2.1.0/gems/activesupport-4.2.3/lib/active_support/core_ext/object/try.rb:77:in
try!' C:/Ruby21/lib/ruby/gems/2.1.0/gems/activesupport-4.2.3/lib/active_support/core_ext/object/try.rb:63:intry' C:/Ruby21/lib/ruby/gems/2.1.0/gems/devise-3.5.1/lib/devise/hooks/csrf_cleaner.rb:5:in
block in <top (required)>' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/hooks.rb:14:incall' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/hooks.rb:14:in
block in _run_callbacks' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/hooks.rb:9:ineach' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/hooks.rb:9:in
_run_callbacks' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/manager.rb:53:in_run_callbacks' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/proxy.rb:179:in
set_user' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/proxy.rb:323:in_perform_authentication' C:/Ruby21/lib/ruby/gems/2.1.0/gems/warden-1.2.3/lib/warden/proxy.rb:104:in
authenticate' C:/Ruby21/lib/ruby/gems/2.1.0/gems/devise-3.5.1/lib/devise/controllers/helpers.rb:120:incurrent_authentication_devise_user' C:/Ruby21/lib/ruby/gems/2.1.0/gems/refinerycms-authentication-devise-1.0.1/app/decorators/controllers/action_controller_base_decorator.rb:19:in
detect_authentication_devise_user!'
Please see my pull request. I'm new at ruby/rails and probably this is not the best solution.
Fixed by #7 - wonderful solution!
Please update to version 1.0.2 or above (if you're reading this later when/if there are more versions).
Just created my Refinery app a few days ago, just bundle updated refinery as well as this gem, and I keep getting redirected to the login screen when I try to log in using correct credentials. Reset password works though.