Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ActionController::InvalidAuthenticityToken for Cloudtasker::WorkerController#run #40

Closed
eLod opened this issue Aug 16, 2021 · 11 comments
Closed

ActionController::InvalidAuthenticityToken for Cloudtasker::WorkerController#run #40

eLod opened this issue Aug 16, 2021 · 11 comments
Labels
bug Something isn't working

Comments

@eLod
Copy link

eLod commented Aug 16, 2021

Rails 5.2.2, gem version 0.11.

Cloudtasker::WorkerController uses an ambigious superclass, if Cloudtasker::ApplicationController is not loaded it simply subclasses ::ApplicationController, e.g. i can reproduce in console:

% rails c
Loading development environment (Rails 5.2.2)
[1] pry(main)> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> false

% rails c
Loading development environment (Rails 5.2.2)
[1] pry(main)> Cloudtasker::ApplicationController
=> Cloudtasker::ApplicationController
[2] pry(main)> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> true
@eLod
Copy link
Author

eLod commented Aug 17, 2021
edited
Loading

just to be clear/explicit: because Cloudtasker::WorkerController is not subclassing Cloudtasker::ApplicationController, the former is not having the skip_before_action :verify_authenticity_token (from the latter) leading to the ActionController::InvalidAuthenticityToken error

edit: also this only happens in development environment, eg in production because of eager loading the Cloudtasker::ApplicationController is loaded.

@alachaum
Copy link
Member

@eLod thanks for raising this issue. It looks weird to me that Cloudtasker::WorkerController is not inheriting Cloudtasker::ApplicationController in your context. Could you provide a minimal example on a repo which mimics your setup? I'll do some checks on my side as well.

@alachaum alachaum added the under investigation Investigating resolution steps label Aug 17, 2021
@eLod
Copy link
Author

eLod commented Aug 17, 2021

well, i just checked, with a bare new rails app, only change is adding the cloudtasker gem:

with rails 5

% rails c
Running via Spring preloader in process 32560
Loading development environment (Rails 5.2.6)
irb(main):001:0> ApplicationController
=> ApplicationController
irb(main):002:0> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> false

with rails6

% rails c
Running via Spring preloader in process 32564
Loading development environment (Rails 6.0.4)
irb(main):001:0> ApplicationController
=> ApplicationController
irb(main):002:0> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> true

@eLod
Copy link
Author

eLod commented Aug 17, 2021

upon further checking it seems our active admin & devise & devise_authy initialization process is causing the ApplicationController to be loaded and causing the problem. i still think it's worth it to fix it in this library, but the fix is trivial (and the problem does not seem to affect rails 6), plus i am not sure how much of legacy code in our application is causing the problem, so feel free to close this issue.

@eLod
Copy link
Author

eLod commented Aug 17, 2021

well, its active_admin and devise, the routes include something like devise_for :users, ActiveAdmin::Devise.config, where ActiveAdmin::Devise refers to ::Devise::SessionsController which subclasses Devise.parent_controller.constantize through DeviseController, which in turn is simply ApplicationController.

i can confirm, with the bare new rails app, adding activeadmin and devise latest versions, and placing ActiveAdmin::Devise.config inside config/routes.rb

rails5

% rails c
Running via Spring preloader in process 36686
Loading development environment (Rails 5.2.6)
irb(main):001:0> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> false

rails6

% rails c
Running via Spring preloader in process 36962
Loading development environment (Rails 6.0.4)
irb(main):001:0> Cloudtasker::WorkerController.ancestors.include?(Cloudtasker::ApplicationController)
=> true

@eLod
Copy link
Author

eLod commented Aug 17, 2021

oh i just found, most likely this somewhat cryptic pr #36 is trying to solve the same issue

@alachaum
Copy link
Member

Going to do more testing on my side. Looks like PR #36 is the way to go in the end.

@eLod
Copy link
Author

eLod commented Aug 18, 2021

i really feel #36 is the wrong "solution", it keeps subclassing ::ApplicationController (while Cloudtasker::ApplicationController becomes unused) which can introduce other problems in turn. i would suggest to simply correct the namespacing (or drop rails 5.2 support, or somehow note the problem, like in readme).

@alachaum alachaum added bug Something isn't working and removed under investigation Investigating resolution steps labels Aug 19, 2021
@alachaum
Copy link
Member

I'll rewrite this PR. We can just get rid of ApplicationController I suppose - it's fairly useless.

@eLod
Copy link
Author

eLod commented Aug 19, 2021

sure that is also a solution, most likely the best one

@alachaum
Copy link
Member

This issue has been fixed in the following releases:

  • v0.9.5
  • v0.10.2
  • v0.11.1
  • v0.12.1

@alachaum alachaum mentioned this issue Aug 27, 2021
Closed
@ryankon ryankon mentioned this issue Sep 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@eLod @alachaum