[bug] [prod] ActiveModel::UnknownAttributeError users/sessions#create

compwron commented 3 years ago

Event in production from casa in users/sessions#create (details) Unhandled error ActiveModel::UnknownAttributeError: unknown attribute 'remember_me' for User. Location vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:52 - _assign_attribute https://app.bugsnag.com/ruby-for-good/casa/errors/5f90f6ddf86dad00180b3d17?event_id=5fb121cc0062e1bc44dd0000&i=sk&m=oc

vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:52:in `_assign_attribute': unknown attribute 'remember_me' for User. (ActiveModel::UnknownAttributeError)
    from vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:43:in `block in _assign_attributes'
    from vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:42:in `each'
    from vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:42:in `_assign_attributes'
    from vendor/bundle/ruby/2.7.0/gems/activerecord-6.0.3.4/lib/active_record/attribute_assignment.rb:21:in `_assign_attributes'
    from vendor/bundle/ruby/2.7.0/gems/activemodel-6.0.3.4/lib/active_model/attribute_assignment.rb:35:in `assign_attributes'
    from vendor/bundle/ruby/2.7.0/gems/activerecord-6.0.3.4/lib/active_record/core.rb:325:in `initialize'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/lib/devise/models/database_authenticatable.rb:45:in `initialize'
    from vendor/bundle/ruby/2.7.0/gems/activerecord-6.0.3.4/lib/active_record/inheritance.rb:70:in `new'
    from vendor/bundle/ruby/2.7.0/gems/activerecord-6.0.3.4/lib/active_record/inheritance.rb:70:in `new'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/app/controllers/devise/sessions_controller.rb:11:in `new'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/base.rb:195:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/rendering.rb:30:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/callbacks.rb:42:in `block in process_action'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/callbacks.rb:135:in `run_callbacks'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/callbacks.rb:41:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/rescue.rb:22:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/instrumentation.rb:32:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal/params_wrapper.rb:245:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/activerecord-6.0.3.4/lib/active_record/railties/controller_runtime.rb:27:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/base.rb:136:in `process'
    from vendor/bundle/ruby/2.7.0/gems/actionview-6.0.3.4/lib/action_view/rendering.rb:39:in `process'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal.rb:190:in `dispatch'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal.rb:238:in `block in action'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/lib/devise/failure_app.rb:74:in `recall'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/lib/devise/failure_app.rb:41:in `respond'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/base.rb:195:in `process_action'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/abstract_controller/base.rb:136:in `process'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal.rb:190:in `dispatch'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_controller/metal.rb:238:in `block in action'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/lib/devise/failure_app.rb:23:in `call'
    from vendor/bundle/ruby/2.7.0/gems/devise-4.7.3/lib/devise/delegator.rb:7:in `call'
    from vendor/bundle/ruby/2.7.0/gems/warden-1.2.9/lib/warden/manager.rb:143:in `call_failure_app'
    from vendor/bundle/ruby/2.7.0/gems/warden-1.2.9/lib/warden/manager.rb:129:in `process_unauthenticated'
    from vendor/bundle/ruby/2.7.0/gems/warden-1.2.9/lib/warden/manager.rb:44:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/tempfile_reaper.rb:15:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/etag.rb:27:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/conditional_get.rb:40:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/head.rb:12:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/http/content_security_policy.rb:18:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in `context'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/cookies.rb:648:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/callbacks.rb:101:in `run_callbacks'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/callbacks.rb:26:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/bugsnag-6.18.0/lib/bugsnag/integrations/rack.rb:51:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/railties-6.0.3.4/lib/rails/rack/logger.rb:37:in `call_app'
    from vendor/bundle/ruby/2.7.0/gems/railties-6.0.3.4/lib/rails/rack/logger.rb:26:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/tagged_logging.rb:80:in `block in tagged'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/tagged_logging.rb:28:in `tagged'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/tagged_logging.rb:80:in `tagged'
    from vendor/bundle/ruby/2.7.0/gems/railties-6.0.3.4/lib/rails/rack/logger.rb:26:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/request_store-1.5.0/lib/request_store/middleware.rb:19:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/request_id.rb:27:in `call'
    from vendor/bundle/ruby/2.7.0/gems/skylight-core-4.3.1/lib/skylight/core/probes/action_dispatch/request_id.rb:12:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/method_override.rb:24:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/runtime.rb:22:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/executor.rb:14:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/static.rb:126:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/rack-2.2.3/lib/rack/sendfile.rb:110:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/ssl.rb:74:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/host_authorization.rb:76:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/skylight-core-4.3.1/lib/skylight/core/middleware.rb:98:in `call'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:61:in `block in call'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `block in instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications/instrumenter.rb:24:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/activesupport-6.0.3.4/lib/active_support/notifications.rb:180:in `instrument'
    from vendor/bundle/ruby/2.7.0/gems/actionpack-6.0.3.4/lib/action_dispatch/middleware/stack.rb:60:in `call'
    from vendor/bundle/ruby/2.7.0/gems/railties-6.0.3.4/lib/rails/engine.rb:527:in `call'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/configuration.rb:239:in `call'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/request.rb:76:in `block in handle_request'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/thread_pool.rb:337:in `with_force_shutdown'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/request.rb:75:in `handle_request'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/server.rb:430:in `process_client'
    from vendor/bundle/ruby/2.7.0/gems/puma-5.0.4/lib/puma/thread_pool.rb:145:in `block in spawn_thread'

notapatch commented 3 years ago

This is an investigation. I have not taken the issue. I am not a Devise expert.

It would be helpful to have seen the logging before this crash to see if there were clues.

From the User model the timeoutable module has been set but the rememorable has not been set

# app/models/user.rb

class User < ApplicationRecord
  ...                                       Only timeoutable module ==========\/
  devise :database_authenticatable, :invitable, :recoverable, :validatable, :timeoutable
  ...
end

We can see the same in the Devise initializer where the remember_me configuration is commented out and the timeoutable has been configured:

  # config/initializers/devise.rb

   No rememberable configuration set
  # ==> Configuration for :rememberable
  # The time the user will be remembered without asking for credentials again.
  # config.remember_for = 2.weeks

  # Invalidates all the remember me tokens when the user signs out.
  # config.expire_all_remember_me_on_sign_out = true

  # If true, extends the user's remember period when remembered via cookie.
  # config.extend_remember_period = false

  # Options to be passed to the created cookie. For instance, you can set
  # secure: true in order to force SSL only cookies.
  # config.rememberable_options = {}

  ...

  # ==> Configuration for :timeoutable
  # The time you want to timeout the user session without activity. After this
  # time the user will be asked for credentials again. Default is 30 minutes.
  config.timeout_in = 1.hour     <==== Only tiemoutable configured

Interestingly, in the devise_create_users and class DeviseCreateAllCasaAdmins migrations the rememberable attribute is left in. Devise does make choices on the presence of attributes but why this is an issue if you don't actually have the rememberable module in? I don't know.

# db/migrate/...devise_create_users.rb 
class DeviseCreateUsers < ActiveRecord::Migration[6.0]
  def change
    create_table :users do |t|
      ...

      ## Rememberable
      t.datetime :remember_created_at  <=== ??? I was not expecting this
      ...
    end
  end
end

Question

So, the project should have only had Timeoutable and not Rememberable?

Possible next step

Possible next step is to remove the remember_created_at and see if it breaks anything.

compwron commented 3 years ago

Thank you for this investigation! I think that this next step sounds good. That can be part of this issue. Do you want to make a PR for it? :)

Possible next step is to remove the remember_created_at and see if it breaks anything.

littleforest commented 3 years ago

@compwron actually this is occurring due to what we suspect is a script, since it always from the same Russian IP address. I am almost done working on #1358 where we will be able to add the IP address to a blocklist.

compwron commented 3 years ago

Ideally a script wouldn't be able to cause exceptions in our code- I still want to fix this in addition.

notapatch commented 3 years ago

@littleforest - aahh, an attack that all makes sense now.

@compwron Sounds great, I'll PR this tomorrow.

rubyforgood / casa

[bug] [prod] ActiveModel::UnknownAttributeError users/sessions#create #1348

Question

Possible next step