koosa koosa - 14 days ago 6
Ruby Question

Always getting 401 Unauthorized with new install of Rails + Devise

I have a new install of Rails and am trying to set up authentication with Devise. As far as I can tell I have a very basic set up that should work, but whenever I try to log in with the default Devise sign in form I get an Unauthorized error. I am sure my credentials are correct as I created a User to test with in the console like so:

User.new({:email=>'mark@markdavies.com.au', :priv_level => 'admin', :password=>'mypassword', :password_confirmation=>'mypassword'}).save


My User model:

class User < ActiveRecord::Base

# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable, :confirmable

# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :priv_level, :unconfirmed_email
# attr_accessible :title, :body

has_one :supplier

end


My log:

Started POST "/admin/user/sign_in" for 127.0.0.1 at 2012-12-22 13:10:56 -0500
Processing by Admin::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"wYLsalxN9rTv8P8bvYuT0wZcvlFbu6b1SvoCyKtTCII=", "admin_user"=>{"email"=>"mark@markdavies.com.au", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."email" = 'mark@markdavies.com.au' LIMIT 1
(0.1ms) begin transaction
(0.0ms) commit transaction
Completed 401 Unauthorized in 69ms


Is there any way I can get more information about what is failing from Devise? When I create the user in the console is the encryption used different than through the forms?

Answer

Well this little exercise in frustration turned out to be a good lesson in RTFM. I had set up Devise with confirmable, and when I created my layouts I neglected to insert the following lines:

<p class="notice"><%= notice %></p>
<p class="alert"><%= alert %></p>

... as it clearly states to do in the getting started guide. When I inserted these I got the error message "You need to confirm your email address before logging in."

In the console I set confirmed_at = Time.now for the User, and voilà, I can now log in.

Comments