search

riverrun / openmaize

No longer maintained - was an Authentication library for Plug-based applications in Elixir
Other
206 stars 30 forks source link

Error when recovering session from cookie when Heroku server is restarted #43

Closed jaimeiniesta closed 8 years ago

jaimeiniesta commented 8 years ago

Hello, I have a phoenix application with Openmaize 0.19, where users are logged in and remembered via a cookie. It works fine, but when I restart the Heroku server, it fails with this, and I need to delete my cookies to access the site.

2016-06-16T10:34:22.299967+00:00 heroku[web.1]: State changed from starting to up
2016-06-16T10:34:28.716619+00:00 heroku[router]: at=info method=GET path="/" host=example.com request_id=b0703eeb-21cd-4147-ad26-98a52d8f0c2f fwd="..." dyno=web.1 connect=0ms service=249ms status=500 bytes=295
2016-06-16T10:34:28.528526+00:00 app[web.1]: 10:34:28.528 request_id=b0703eeb-21cd-4147-ad26-98a52d8f0c2f [info] GET /
2016-06-16T10:34:28.721654+00:00 app[web.1]: 10:34:28.721 request_id=b0703eeb-21cd-4147-ad26-98a52d8f0c2f [info] Sent 500 in 192ms
2016-06-16T10:34:28.770918+00:00 app[web.1]: 10:34:28.770 [error] #PID<0.439.0> running MyApp.Endpoint terminated
2016-06-16T10:34:28.770930+00:00 app[web.1]: Server: example.com:80 (http)
2016-06-16T10:34:28.770939+00:00 app[web.1]: Request: GET /
2016-06-16T10:34:28.770940+00:00 app[web.1]: ** (exit) an exception was raised:
2016-06-16T10:34:28.770940+00:00 app[web.1]:     ** (ArgumentError) argument error
2016-06-16T10:34:28.770941+00:00 app[web.1]:         :erlang.binary_to_existing_atom("email", :utf8)
2016-06-16T10:34:28.770942+00:00 app[web.1]:         (poison) lib/poison/parser.ex:97: Poison.Parser.object_name/2
2016-06-16T10:34:28.770943+00:00 app[web.1]:         (poison) lib/poison/parser.ex:82: Poison.Parser.object_pairs/3
2016-06-16T10:34:28.770943+00:00 app[web.1]:         (poison) lib/poison/parser.ex:36: Poison.Parser.parse/2
2016-06-16T10:34:28.770944+00:00 app[web.1]:         (poison) lib/poison/parser.ex:50: Poison.Parser.parse!/2
2016-06-16T10:34:28.770944+00:00 app[web.1]:         (poison) lib/poison.ex:83: Poison.decode!/2
2016-06-16T10:34:28.770945+00:00 app[web.1]:         (elixir) lib/enum.ex:1088: Enum."-map/2-lists^map/1-0-"/2
2016-06-16T10:34:28.770946+00:00 app[web.1]:         (elixir) lib/enum.ex:1088: Enum."-map/2-lists^map/1-0-"/2

This already failed in 0.18, I mean, it does not seem related to the related changes about the "Remember me" feature.

jaimeiniesta commented 8 years ago

This does not fail in development, but when I restart my local server, the user is forgotten and is prompted to log in again.

riverrun commented 8 years ago

With the heroku error, does it happen every time you restart? With the user being forgotten after restarting, this is due to how the keys are generated (and then rotated). I want to improve this side of it, but I want to make sure that I'm doing it in a safe way - I obviously don't want the keys leaking. I'll look further into the heroku error, and I'm also working on the other error.

riverrun commented 8 years ago

I've just updated openmaize_jwt. Try mix deps.update openmaize_jwt - I think that will solve the heroku issue.

jaimeiniesta commented 8 years ago

Thanks, this fixes the Heroku error -- the user still needs to login after a restart of the server, but this is a separate issue.

Thanks!