shakycode

Yes, this is good but I was thinking of doing one where the search functionality is written from scratch. It would be cool to write something like this. In fact I'm in the middle of writing some complex search without using Ransack or Elastic. If you want some help on a screencast, let me know.

Hate to bump an old topic, but doing a screencast on search would really be useful. i.e. writing search from scratch that can search through multiple models and associations. CodeSchool's FeatureFocus did something like this with DHH writing something wicked, figured you might want to write some search instead of using a gem like ransack. Would be a good learning opportunity for the GoRails community.

This was a good find. But on a side note, in Ubuntu (and most debian based distros) the ruby1.9.1-dev package is installed ergo why you see it there. If you are running the 1.9.x version of Ruby such as I am, ruby1.9.1-dev is a requirement to get bundler and Ruby working. I ran into this problem when spinning up a new server using 1.9.3 during my capistrano deployments. A quick yielded the ruby1.9.1-dev package needing to be installed.

Probably not something you need to include in the guides since you're focusing on Edge Rails/Ruby but it's good to know for those of us who are still "old school".

This was great, Chris! Keep up the good work!

That's a good idea, I'll have to look into that. For now I think it's an EUE issue by hitting the sign_in URL. Or at least that's all I can see from the logs. Again this doesn't happen very often so it's really tough to track down. And since it doesn't throw an exception or present an error to the user, they don't really notice anything and just go about their business. Frustrating to say the least knowing there "may" me a bug somewhere that you can't track down easily. I have AirBrake installed in production and it doesn't catch it, but of course it's not an exception so it's not going to give me any 411 on it. Sigh.

I'll have to dig through the logs and see if I can track it down. So far the problem with tracking this issue down is parsing the logs I'm looking for requests by IP address, but there's usually more than one user logged in behind an IP address (NAT/Router) so it's hard to tell from the Nginx logs what the request was before the behavior happened. Since we do have multiple users using the same browser/etc the Nginx log is not very helpful in tracking this down.

The only thing I can think of is they closed the browser while still being logged in, reopened a new browser, and started typing the url and the browser history auto-completed it to https://cad.hcems.com/users/sign_in. Then it triggered a :require_no_authentication in Devise.

Do you see a clearer method on how to track this down besides what I've mentioned?

This is an interesting problem to solve.

The only thing that jumps out at me is in routes.rb

  devise_scope :user do
    get "/login" => "devise/sessions#new"
    delete "/logout" => "devise/sessions#destroy"
  end

If by chance they are hitting /login and already logged in this behavior would exhibit itself.

Then there's another theory I've come up with by looking at the log:

Started GET "/users/sign_in" for 75.148.203.249 at 2014-11-17 07:00:55 -0600
Processing by MySessionsController#new as HTML
Redirected to https://cad.hcems.com/home/index
Filter chain halted as :require_no_authentication rendered or redirected
Completed 302 Found in 2.3ms (ActiveRecord: 0.6ms)
Started GET "/home/index" for 75.148.203.249 at 2014-11-17 07:00:55 -0600
Processing by HomeController#index as HTML
  Rendered home/index.html.erb within layouts/application (260.0ms)
Completed 200 OK in 311.1ms (Views: 66.1ms | ActiveRecord: 237.4ms)

User closes browser without logging out
User opens bookmark for application which defaults to the users/sign_in url
Devise detects that they are already logged in
:require_no_authentication is triggered

Without actually seeing this happen in person, it's really hard to nail down.

Would you mind looking at a couple things for me if you have time? Or telling me how I can search through my codebase to see if I'm mistakenly redirecting them?

Good call, Chris.

I was able to manually reproduce the error by

1.) Signing in
2.) Visiting /users/sign_in
3.) Boom I got redirected to the root url home_index_path
4.) The :require_no_authentication error occurred in development log

Now the 1M question is. How to figure out where I'm sending them to that view? I have no earthly clue on where to start looking. Any advice? :)

The only thing I can think of is that the employee may have been signed in as another user who just left their shift, then they possibly closed the browser window, and tried to log back in (ergo the hit to the MySessionsController#new, when Devise realized the user never logged out perhaps it gave this :require_no_authentication directive because there was already a session established.

This is really weird and doesn't seem to be impacting users.

Here's the nginx log:

75.148.203.249 - - [17/Nov/2014:07:00:53 -0600] "GET /calls?_=1416229226292 HTTP/1.1" 200 24883 "https://cad.hcems.com/calls" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
75.148.203.249 - - [17/Nov/2014:07:00:55 -0600] "GET /users/sign_in HTTP/1.1" 302 109 "https://cad.hcems.com/units" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
75.148.203.249 - - [17/Nov/2014:07:00:55 -0600] "GET /home/index HTTP/1.1" 200 15441 "https://cad.hcems.com/units" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"

Here's the production log output:

Started GET "/users/sign_in" for 75.148.203.249 at 2014-11-17 07:00:55 -0600
Processing by MySessionsController#new as HTML
Redirected to https://cad.hcems.com/home/index
Filter chain halted as :require_no_authentication rendered or redirected
Completed 302 Found in 2.3ms (ActiveRecord: 0.6ms)
Started GET "/home/index" for 75.148.203.249 at 2014-11-17 07:00:55 -0600
Processing by HomeController#index as HTML
  Rendered home/index.html.erb within layouts/application (260.0ms)
Completed 200 OK in 311.1ms (Views: 66.1ms | ActiveRecord: 237.4ms)

No, I'm not calling it anywhere in my app. The only thing I can think of that might be triggering it is my after_sign_in_path method in application_controller.rb but I'm not sure why it's being triggered. I'm having a hard time parsing through logs to see when the behavior pops up and why.

 before_filter :authenticate_user!    
    def after_sign_in_path_for(resource)
      case resource.role
        when "client"
        clients_path
        when "dispatch"
        home_index_path
        when "medic"
        mdt_path
        when "supervisor"
        supervisors_path
        when "admin"
        home_index_path
        when "disabled"
        destroy_user_session_path
      else
        super
      end
    end

No sir, I think it's a Devise built-in method. Devise Rdoc

But the question is why is it randomly getting called? It doesn't happen very often, maybe a couple times a day in production. And I can't reproduce it in development, lord knows I've tried. It seems non-volatile, but I'm not entirely sure.

Btw, in that link you sent it tells you what the default idle time is. This option may only occur once, in the http configuration block. The default value is 300. So it looks like 300 seconds of idle time to spin down. That would explain things easily on a low traffic application.

Sweet! This may be just what I need. I think I'm going to give it a shot. You're the man!

I should really start to do research once I actually wake up :)

I have an app with Rails 3.2.20 and Devise 2.1.2 (Yes I know it's old) and there are random occasions where a user will trigger a URL i.e. site.com/calls and I will receive an error in the production.log such as: Filter chain halted as :require_no_authentication rendered or redirected and it will then redirect to the proper path.

I've done some research on Stack and all of the answers people have given have nothing to do with my current scenario.

Was wondering if anyone has received this error using Rails and Devise, and if it's something non-volatile that I can ignore, or if it's something I should look into.

It should be noted that I cannot reproduce this in development or staging environments. It only happens in my production app instance.

Definitely useful for Heroku since they spin down when not in use. But this happens with Passenger quite a bit if your app is idle. It will spin down the environment which leads to a 1-4 second spinup time when the next GET request is made. The cron job takes care of that for you and keeps things nice and responsive.

I think Pingdom is a good idea since it can make a get request and notify you of the site being up/down. Although depending on their timeout interval, you may receive a down alert if your app is spun down and Pingdom tries to hit it and it takes a while to spin up.

I use Nagios for alerting and system checks (including HTTP/HTTPS) so maybe what I'm doing with the cron job is redundant, but it's definitely worked for me so far.

Now, to figure out why Passenger spins down and how to prevent it from doing that. What I do with the cron job is "hackish" in a way, so I'd like to really get Passenger to never spin down. I know there's a pre-start directive you can give to it in the virtualhost block, but I haven't played with it yet. Lazy fix, FTW. :)

My favorite combination of Rails/HTTP is Nginx + Passenger. They work wonderfully together and it's been super easy to setup across all of my apps. One thing I've noticed in some of my apps that don't see a lot of traffic is that after an unspecified period of time, Passenger will spindown and drop the database pool connection when the site is idle. Most won't experience this with an active app but I have a few apps and demo sites that don't receive much use and this happens frequently. This results in the next user visiting your site having to wait 1-3 seconds while Passenger spins up and your Rails ENV loads.

I've read the Passenger documentation and there's an option to pre-start the virtual host, but I'm not sure how that would affect restarts and deployment.

So to combat the issue, I've come up with a simple method to keep your app spun up 24/7.

You'll want to edit your crontab as whatever deploy user you have setup (in my environments, it's just deploy).

crontab -e
*/5 * * * * wget -O /dev/null -o /dev/null yoursite.com

What this does is a wget to your site's root url simulating a user visit and outputs the response to /dev/null (nowhere). In Cron we set it at to a 5-minute interval to keep the app up and running. Of course you'll need to have wget installed on your server which is simple enough via apt or yum.

This works well for me in my production environments and is a quick and dirty fix. If anyone else has another way of doing this without having to use a cron job, please let me know.

Cheers!

I agree. I think a submit an improvement piece would be helpful. It would allow others to add value to the already valuable resources you provide. Plus a lot of us have edge cases which we could submit as "side notes".

Yeah, that's another way to do it. Glad you got it working.

Chris, is the installation of node really necessary? As long as you have therubyracer in your Gemfile you'll have a Javascript runtime in your Rails environment. I know therubyracer might be a bit more memory intensive than nodejs but it works, at least for me.

If you recommend nodejs over therubyracer can you update your setup guide with the proper installation instructions so others can benefit?

I've spun up multiple apps (mostly in 3.2.x branches) and used therubyracer in the Gemfile assets group without having node installed on the production server. And the app and deploys still work.

If you think I should be installing nodejs in production, please let me know your take on it.