search

rism-digital / muscat

🗂️ A Rails application for the inventory of handwritten and printed music scores
http://muscat-project.org
34 stars 16 forks source link

Login loop after updating to 11.2 on local installation #1664

Closed HirschSt closed 2 weeks ago

HirschSt commented 2 weeks ago

With my local installation it is not possible to login anymore:

Started POST "/admin/login" for XXX at 2024-11-08 10:20:41 +0100
  ActiveRecord::SchemaMigration Load (0.3ms)  SELECT `schema_migrations`.`version` FROM `schema_migrations` ORDER BY `schema_migrations`.`version` ASC
Processing by ActiveAdmin::Devise::SessionsController#create as HTML
  Parameters: {"authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"XXX", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Login"}
  User Load (0.4ms)  SELECT `users`.* FROM `users` WHERE (lower(username) = 'XXX' OR lower(email) = 'XXX') ORDER BY `users`.`id` ASC LIMIT 1
  ↳ app/models/user.rb:171:in `find_for_database_authentication'
  TRANSACTION (0.1ms)  BEGIN
  ↳ app/controllers/application_controller.rb:70:in `user_for_paper_trail'
  User Update (0.4ms)  UPDATE `users` SET `users`.`sign_in_count` = 493, `users`.`current_sign_in_at` = '2024-11-08 09:20:41', `users`.`last_sign_in_at` = '2024-11-08 09:18:42', `users`.`updated_at` = '2024-11-08 09:20:41' WHERE `users`.`id` = 86
  ↳ app/controllers/application_controller.rb:70:in `user_for_paper_trail'
  TRANSACTION (81.0ms)  COMMIT
  ↳ app/controllers/application_controller.rb:70:in `user_for_paper_trail'
Redirected to https://beta.rism.info/admin
Completed 302 Found in 199ms (ActiveRecord: 86.8ms | Allocations: 23144)

Started GET "/admin" for XXX at 2024-11-08 10:20:41 +0100
Processing by Admin::DashboardController#index as HTML
Completed 401 Unauthorized in 2ms (ActiveRecord: 0.0ms | Allocations: 818)

Started GET "/admin/login" for XXX at 2024-11-08 10:20:41 +0100

Any ideas how to fix that?

HirschSt commented 2 weeks ago

Fixed by https://github.com/heartcombo/devise/issues/5652#issuecomment-2376422899 👻

This was a tough nut to crack

fjorba commented 2 weeks ago

Hi, I also found a series of chaotic situations in my 3 test sites, with the same Muscat 11.3 with our bunch of local patches: one was running fine, another could not login with the same error than you, and the third one I could login but I could not submit any form, having a ActionController::InvalidAuthenticityToken error. Google finds many hits with this error combined with Rails 7.1.

In my case, with Apache 2.4.62 and Passenger 6.0.17 from Debian stable (12), I found the solution at https://github.com/phusion/passenger/issues/2503, and the simplest solution was to patch my Debian Passenger with this fix: https://github.com/phusion/passenger/commit/7353892025f245b1f29a35d4337cc0a152aa1bb8. Suddenly, all my errors disappeared!