Always Getting 401 Unauthorized with New Install of Rails + Devise

Always getting 401 Unauthorized with new install of Rails + Devise

Well this little exercise in frustration turned out to be a good lesson in RTFM. I had set up Devise with confirmable, and when I created my layouts I neglected to insert the following lines:

<p class="notice"><%= notice %></p>
<p class="alert"><%= alert %></p>

... as it clearly states to do in the getting started guide. When I inserted these I got the error message "You need to confirm your email address before logging in."

In the console I set confirmed_at = Time.now for the User, and voilà, I can now log in.

Typus with existing devise model getting 401 unauthorized error

You are adding :confirmable in your account model when you signup it will send you the confirmation mail to confirm your email, if you login without confirming it will throw an Unauthorized error.

rails devise 401 unauthorized for a specific page

check the code of your InstitutionsController and ApplicationController -- look for statements with current_user or before_filter in them

 class InstitutionsController < ApplicationController
    before_filter :login_required, :only => [:method1,:method2]
    ...
 end

could be that the method you are trying to call is listed as requiring authentication, but you are not logged in.

Can you also post an excerpt of your InstitutionsController with the preview method in it?

Another possible problem is that your route might be defined incorrectly:

  match 'visit/schedule/preview' => 'institutions#previewselectedvisits', :as => :preview_visits, :via => :get

does the InstitutionsController really have a method called previewselectedvisits ?

Rails: Completed 401 Unauthorized

I tracked the problem down to user_signed_in? as suggested by Marek. That function will HALT execution and issue a 302 redirect, while printing a 401 in the server log!

devise.rb

config.timeout_in = 1.minute # 8.hours

stripes_controller.rb

class StripesController < ApplicationController
  layout false

show.haml

%h2 Thank you!
%p 
  Your payment of 
  %strong= number_to_currency(@amount.to_i * 0.01)
  has been received.
- if user_signed_in?
  Signed in
- else
  Signed out
  

If the user is signed in, the page will load fine. If the user's session expires, then Devise will redirect and set a flash message!

log

Started GET "/stripe" for 127.0.0.1 at 2018-01-03 14:39:08 -0500
Processing by StripesController#show as HTML
  Rendering stripes/show.haml
  User Load (22.0ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2  [["id", 1], ["LIMIT", 1]]
   (1.0ms)  BEGIN
   (2.0ms)  COMMIT
  Rendered stripes/show.haml (179.2ms)
Completed 401 Unauthorized in 399ms (ActiveRecord: 52.0ms)


Started GET "/stripe" for 127.0.0.1 at 2018-01-03 14:39:09 -0500
Processing by StripesController#show as HTML
  Rendering stripes/show.haml
  Rendered stripes/show.haml (2.0ms)
Completed 200 OK in 219ms (Views: 99.8ms | ActiveRecord: 0.0ms)

I couldn't find a way to check if the user is logged in without redirecting.

https://duckduckgo.com/?q=rails+devise+%22user_signed_in%22+stop+redirecting&ia=qa

user_signed_in? isn't even in the Devise API documentation when you search the methods! I was hoping there was an optional argument.

http://www.rubydoc.info/github/plataformatec/devise/Devise

So I set layout false so it stops using application.haml which contains user_signed_in?. I wish there was a better way.

---

Related Topics