Cookies not working

[mauriballes]

I'm using Rails 5.1.4 and Anycable-Go 0.5.0

I have this code on my Gemfile

...
gem 'anycable-rails'
...

This on my application.rb

require_relative 'boot'

require 'rails/all'

# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)

module Chatstesting
  class Application < Rails::Application

    config.generators do |g|
      g.test_framework :rspec,
        fixtures: true,
        view_specs: true,
        helper_specs: true,
        routing_specs: true,
        controller_specs: true,
        request_specs: true
      g.fixture_replacement :factory_girl, dir: "spec/factories"
      g.template_engine :erb
    end
    config.time_zone = 'America/La_Paz'
    config.active_record.default_timezone = :local # Or :utc

    config.action_cable.url = "ws://0.0.0.0:3334/cable"
    config.action_cable.mount_path = "ws://0.0.0.0:3334/cable"

    # config.paths.add File.join('app/controllers', 'api'), glob: File.join('**', '*.rb')
    # config.autoload_paths += Dir[Rails.root.join('app/controllers', 'api', '*')]

    # Settings in config/environments/* take precedence over those specified here.
    # Application configuration should go into files in config/initializers
    # -- all .rb files in that directory are automatically loaded.
  end
end

This on my environment.rb

# Load the Rails application.
require_relative 'application'

# Initialize the Rails application.
Rails.application.initialize!

My cookie var is empty when I tried to connect

# connection.rb
def connect
  self.current_user = cookies[:username]
end

# sessions_controller.rb
def create
...
cookies[:username] = { value: @username, domain: :all }
...
end

I don't know what to do. Help me please

[palkan]

Hi, @mauriballes!

First, config.action_cable.mount_path should be omitted in config (or nil). But that's not related to the issue.

Do you use localhost do initiate the session? Cookies are set per domain, so you should use the same domain name for both Rails app and anycable-go.
See the instructions on how to share cookies between different subdomains here https://github.com/anycable/anycable/wiki/%5BEXPERIMENTAL%5D-Heroku-Deployment#my-websocket-connection-fails-with-auth-failed-error.

[mauriballes]

Yes, I use 0.0.0.0 for both. Rails app and anycable-go.

[palkan]

Ok.

So what is the exact error message/logs?

[mauriballes]

It's that I don't have cookies. Look my log:
{"QUERY_STRING"=>nil, "SCRIPT_NAME"=>"", "PATH_INFO"=>"/cable", "SERVER_PORT"=>"", "HTTP_HOST"=>nil, "rack.request.form_input"=>"", "rack.input"=>"", "rack.request.form_hash"=>{}, "HTTP_COOKIE"=>""}

The cookies are empty!

[palkan]

Ok, I see.

Do you see anything suspicious in your browser console?

Could you check the request headers in browser's dev tools? Like this (Chrome):

[mauriballes]

I find my problem, thanks. But my problem is that I'm working with subdomains and I can share my cookies

[etagwerker]

@mauriballes How did you fix it? I'm having a similar issue right now.

I see that the cookies are coming in the request, but the session is empty. There is definitely something weird going on with the host name and port.

(byebug) request.cookies
RPC Connect: #<Anycable::ConnectionRequest:0x007fad1cae4b30>
{"remember_user_token"=>"W1sxMTBdLCIkMmEkMTEkZTRXQk1mdUZCWk1qNEVKS1RUNzNwLiIsIjE1Mjg4MjAwOTYuNDI1MjcxIl0=--8926f18453f61371b8559f25c8f5a11b13a81240", "_cc_session"=>"eUlOUVRQT25qL3BnMTZHMmFvWm13NVBBaGg5Y2cxZmViaDcrRXYvVzVQNEZpNEFKbjNqWWlxWWpxVzllbmJxUkhrVlVXRXY2RUM3WHRaRllaeC8rSmhsNitHRmFaWFB4VUd3MDY5RWUzRmVMNWREcEZYVEtEdi92ZHA0Vy9qUlBqeFBGcWROV2hJUVc3ODh0bnNFUVRhVXpXQXVQdGdYOFVNY2VDS0FuYVI1ZFhONHMvOE9RNVVGNVkzOXRsV05yMUxGT3UwcUREdWZaUkxBUElIbnpUUHQ3OUhrL3NrcEJmQ1RzYWp2WjY1TWxWeHVxWmRXZ3NrbVdQNmtaRndMbmU3Vm14YThlcm9Jc0xNMzEzRlA0NFR5T3pySTFmTkNTM3ZUVlZtRVVkYlRhRm9kTjlDVWVSSUdFMmE0RzQ0aWE5Mnp2RzlHY3pKSUJpMGJQdlBuOHBjd3dldVVjOGphbTByOFFRN1l1QVZPT1RCc1Vjek9RUVZrcS9DVjk3YTFILS1sRFZkdnZFb0xndmgzWU8xRFZVRWxBPT0=--c90121bfed93e1de33606dd54ea40570ee596a86"}
(byebug) request.session
Tagged logger is not supported by AnyCable. Skip
{}
(byebug) request.url
"http://:/cable"

This is what I see in the browser:

So I see that the frontend is specifying the host properly. But it seems to be ignored or discarded by the Anycable::Server?

Any ideas, @palkan?

I would expect request.url to output something like this: http://localhost:3334/cable

Update 1

Here is my backtrace:

#0  ApplicationCable::Connection.find_verified_user at /Users/etagwerker/Projects/ombulabs/cc_app/app/channels/application_cable/connection.rb:20
#1  ApplicationCable::Connection.connect at /Users/etagwerker/Projects/ombulabs/cc_app/app/channels/application_cable/connection.rb:7
#2  ActionCable::Connection::Base.handle_open at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-rails-0.5.3/lib/anycable/rails/actioncable/connection.rb:45
#3  Anycable::RPCHandler.connect(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-0.5.0/lib/anycable/rpc_handler.rb:24
#4  Anycable::Handler::ExceptionsHandling.connect(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-0.5.0/lib/anycable/handler/exceptions_handling.rb:8
#5  block in Anycable::Rails::ActiveRecord::ReleaseConnection.block in connect(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-rails-0.5.3/lib/anycable/rails/activerecord/release_connection.rb:9
#6  Anycable::Rails::ActiveRecord::ReleaseConnection.wrap_release_connection at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-rails-0.5.3/lib/anycable/rails/activerecord/release_connection.rb:21
#7  Anycable::Rails::ActiveRecord::ReleaseConnection.connect(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/anycable-rails-0.5.3/lib/anycable/rails/activerecord/release_connection.rb:9
ͱ-- #8  Method.call(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_desc.rb:60
#9  block in GRPC::RpcDesc.block in handle_request_response(active_call#GRPC::ActiveCall, mth#Method, inter_ctx#GRPC::InterceptionContext) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_desc.rb:60
#10 GRPC::InterceptionContext.intercept!(type#Symbol, args#Hash) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/interceptors.rb:170
#11 GRPC::RpcDesc.handle_request_response(active_call#GRPC::ActiveCall, mth#Method, inter_ctx#GRPC::InterceptionContext) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_desc.rb:54
#12 GRPC::RpcDesc.run_server_method(active_call#GRPC::ActiveCall, mth#Method, inter_ctx#GRPC::InterceptionContext) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_desc.rb:122
#13 block in GRPC::RpcServer.block in loop_handle_server_calls at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:398
#14 block in GRPC::Pool.block in loop_execute_jobs(worker_queue#Thread::Queue) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:138
ͱ-- #15 Kernel.loop at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:135
#16 GRPC::Pool.loop_execute_jobs(worker_queue#Thread::Queue) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:135
#17 block (2 levels) in GRPC::Pool.block (2 levels) in start at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:84
ͱ-- #18 Kernel.catch(*args) at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:83
#19 block in GRPC::Pool.block in start at /Users/etagwerker/.rvm/gems/ruby-2.4.1@ccl/gems/grpc-1.12.0-universal-darwin/src/ruby/lib/grpc/generic/rpc_server.rb:83

#find_verified_user does something like this:

    def find_verified_user
      user_id = request.session.to_hash.fetch('user.key', [[]])[0][0]
      if verified_user = User.find_by(id: user_id)
        verified_user
      else
        reject_unauthorized_connection
      end
    end

[palkan]

Hi @etagwerker!

AnyCable doesn't use Rails middleware stack, hence request.session is not populated.

Check out the proposed solution from this post: https://medium.com/@leshchuk/from-action-to-any-1e8d863dd4cf (see "Minus Rack middleware" section).