If I click destroy on any record for my 3 models models, the user gets logged out. I'm using Devise and Ominauth.
#This logs out a user
def destroy
@rating = Rating.find(params[:id])
@rating.destroy
end
Started POST "/ratings/29" for 192.168.1.103 at 2011-02-26 20:11:45 +0000
Processing by RatingsController#destroy as HTML
Parameters: {"id"=>"29"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 2 LIMIT 1
Rating Load (0.3ms) SELECT `ratings`.* FROM `ratings` WHERE `ratings`.`id` = 29 LIMIT 1
SQL (0.0ms) BEGIN
AREL (0.5ms) DELETE FROM `ratings` WHERE `ratings`.`id` = 29
SQL (2.7ms) COMMIT
Request
Parameters:
None
Show session dump
session_id: "16a92c418fdfa8966b60b09e76346443"
Show env dump
GATEWAY_INTERFACE: "CGI/1.1"
HTTP_ACCEPT: "application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"
HTTP_ACCEPT_CHARSET: "ISO-8859-1,utf-8;q=0.7,*;q=0.3"
HTTP_ACCEPT_ENCODING: "gzip,deflate,sdch"
HTTP_ACCEPT_LANGUAGE: "en-US,en;q=0.8"
HTTP_CACHE_CONTROL: "max-age=0"
HTTP_CONNECTION: "keep-alive"
HTTP_COOKIE: "_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14"
HTTP_HOST: "192.168.1.105:3000"
HTTP_IF_NONE_MATCH: "\"2d7f4ba60c47e0cf39f1361e2274fa89\""
HTTP_REFERER: "http://192.168.1.105:3000/subjects"
HTTP_USER_AGENT: "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.82 Safari/534.16"
HTTP_VERSION: "HTTP/1.1"
PATH_INFO: "/subjects"
QUERY_STRING: ""
REMOTE_ADDR: "192.168.1.103"
REMOTE_HOST: "192.168.1.103"
REQUEST_METHOD: "GET"
REQUEST_PATH: "/"
REQUEST_URI: "http://192.168.1.105:3000/subjects"
SCRIPT_NAME: ""
SERVER_NAME: "192.168.1.105"
SERVER_PORT: "3000"
SERVER_PROTOCOL: "HTTP/1.1"
SERVER_SOFTWARE: "WEBrick/1.3.1 (Ruby/1.9.2/2010-12-25)"
action_controller.instance: #<SubjectsController:0x90ecc1c @action_has_layout=true, @view_context_class=nil, @_headers={"Content-Type"=>"text/html"}, @_status=200, @_response=#<ActionDispatch::Response:0x90ecb68 ......Too long - had to cut it off
action_dispatch.cookies: {"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}
action_dispatch.parameter_filter: [:password, :password, :password_confirmation]
action_dispatch.remote_ip: 192.168.1.103
action_dispatch.request.content_type: nil
action_dispatch.request.formats: [text/html]
action_dispatch.request.parameters: {"action"=>"index", "controller"=>"subjects"}
action_dispatch.request.path_parameters: {:action=>"index", :controller=>"subjects"}
action_dispatch.request.query_parameters: {}
action_dispatch.request.request_parameters: {}
action_dispatch.request.unsigned_session_cookie: {"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
action_dispatch.secret_token: "b3dc65e5cc9d1af31fb06160a604132f5a1f4d13edc313d74cb1bfd7e63994d429f6e8032669ea26ff4a8dab66b79f6070f8449b4a422a7862bb4307a4d84416"
rack.errors: #<IO:<STDERR>>
rack.input: #<StringIO:0x913578c>
rack.multiprocess: false
rack.multithread: false
rack.request.cookie_hash: {"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}
rack.request.cookie_string: "_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14"
rack.request.query_hash: {}
rack.request.query_string: ""
rack.run_once: false
rack.session: {"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
rack.session.options: {:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
rack.url_scheme: "http"
rack.version: [1, 1]
warden: #<Warden::Proxy:0x9133bf8 @winning_strategies={}, @users={:user=>nil}, @env={"GATEWAY_INTERFACE"=>"CGI/1.1", "PATH_INFO"=>"/subjects", "QUERY_STRING"=>"", "REMOTE_ADDR"=>"192.168.1.103", "REMOTE_HOST"=>"192.168.1.103", "REQUEST_METHOD"=>"GET", "REQUEST_URI"=>"http://192.168.1.105:3000/subjects", "SCRIPT_NAME"=>"", "SERVER_NAME"=>"192.168.1.105", "SERVER_PORT"=>"3000", "SERVER_PROTOCOL"=>"HTTP/1.1", "SERVER_SOFTWARE"=>"WEBrick/1.3.1 (Ruby/1.9.2/2010-12-25)", "HTTP_HOST"=>"192.168.1.105:3000", "HTTP_CONNECTION"=>"keep-alive", "HTTP_REFERER"=>"http://192.168.1.105:3000/subjects", "HTTP_CACHE_CONTROL"=>"max-age=0", "HTTP_USER_AGENT"=>"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.82 Safari/534.16", "HTTP_ACCEPT"=>"application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5", "HTTP_ACCEPT_ENCODING"=>"gzip,deflate,sdch", "HTTP_ACCEPT_LANGUAGE"=>"en-US,en;q=0.8", "HTTP_ACCEPT_CHARSET"=>"ISO-8859-1,utf-8;q=0.7,*;q=0.3", "HTTP_COOKIE"=>"_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14", "HTTP_IF_NONE_MATCH"=>"\"2d7f4ba60c47e0cf39f1361e2274fa89\"", "rack.version"=>[1, 1], "rack.input"=>#<StringIO:0x913578c>, "rack.errors"=>#<IO:<STDERR>>, "rack.multithread"=>false, "rack.multiprocess"=>false, "rack.run_once"=>false, "rack.url_scheme"=>"http", "HTTP_VERSION"=>"HTTP/1.1", "REQUEST_PATH"=>"/", "action_dispatch.parameter_filter"=>[:password, :password, :password_confirmation], "action_dispatch.secret_token"=>"b3dc65e5cc9d1af31fb06160a604132f5a1f4d13edc313d74cb1bfd7e63994d429f6e8032669ea26ff4a8dab66b79f6070f8449b4a422a7862bb4307a4d84416", "action_dispatch.remote_ip"=>192.168.1.103, "rack.session"=>{"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "rack.session.options"=>{:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "rack.request.cookie_string"=>"_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14", "rack.request.cookie_hash"=>{"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}, "action_dispatch.cookies"=>{"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}, "action_dispatch.request.unsigned_session_cookie"=>{"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "warden"=>#<Warden::Proxy:0x9133bf8 ...>, "action_dispatch.request.path_parameters"=>{:action=>"index", :controller=>"subjects"}, "action_controller.instance"=>#<SubjectsController:0x90ecc1c @action_has_layout=true, @view_context_class=nil, @_headers={"Content-Type"=>"text/html"}, @_status=200, @_response=#<ActionDispatch::Response:0x90ecb68 @writer=#<Proc:0x90ecaf0@/usr/local/rvm/gems/ruby-1.9.2-p136@traitly/gems/actionpack-3.0.4/lib/action_dispatch/http/response.rb:43 (lambda)>, @block=nil, @length=0, @header={}, @status=200, @body=[], @cookie=[], @sending_file=false, @blank=false, @cache_control={}, @etag=nil, @request=#<ActionDispatch::Request:0x90ecb7c @env={...}, @fullpath="/subjects", @request_method="GET", @filtered_parameters={"action"=>"index", "controller"=>"subjects"}, @method="GET">>, @_request=#<ActionDispatch::Request:0x90ecb7c @env={...}, @fullpath="/subjects", @request_method="GET", @filtered_parameters={"action"=>"index", "controller"=>"subjects"}, @method="GET">, @_env={...}, @lookup_context=#<ActionView::LookupContext:0x90ec4c4 @details_key=nil, @details={:handlers=>[:erb, :rjs, :builder, :rhtml, :rxml], :formats=>[:html], :locale=>[:en, :en]}, @skip_default_locale=false, @frozen_formats=false, @view_paths=[/root/projects/traitly/app/views, /usr/local/rvm/gems/ruby-1.9.2-p136@traitly/gems/devise-1.1.7/app/views]>, @_action_name="index", @_response_body=nil, @_config={}, @current_user=nil>, "action_dispatch.request.content_type"=>nil, "action_dispatch.request.request_parameters"=>{}, "rack.request.query_string"=>"", "rack.request.query_hash"=>{}, "action_dispatch.request.query_parameters"=>{}, "action_dispatch.request.parameters"=>{"action"=>"index", "controller"=>"subjects"}, "action_dispatch.request.formats"=>[t
You're using Rails 3, which uses JavaScript to issue delete requests. Because the request isn't set up properly, your log is showing Started POST
instead of the correct Started DELETE
.
The request will also not include the required CSRF data, and as of Rails 3.0.4 the session is silently reset instead of throwing an ActionController::InvalidAuthenticityToken
error. This is why you suspect the authentication issue lies with Devise, but it is actually being triggered within Rails itself.
To fix this include the following in your layout:
<%= javascript_include_tag :defaults %>
<%= csrf_meta_tag %>
Also ensure you have an updated rails.js (which contains the JavaScript code used for delete requests). The Rails 3.0.4 upgrade notes explain the issue in more detail.
If you're using the jquery rails.js replacement, you can get the updated version from here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With