Is there anyone in this channel who can talk to me about the Rails Port's "authenticity token" system?

I have been implementing a new, customized Rails Port instance for https://opengeofiction.net/ . It's working well but I am having nightmare problems with two things:

  • Frequent errors for users: "ActionController::InvalidAuthenticityToken"
  • Frequently users are forcibly logged off whenever they change pages (i.e. Diaries to map, map to iD, etc.)

Is there anyone who can give me insights into what might be going wrong.

I am not a Ruby on Rails developer or even particularly comfortable with the environment. I have a background in Database admin and design and I am comfortable with most aspects of Linux sysadmin.

asked 02 Sep '21, 18:26

Luciano%20AK's gravatar image

Luciano AK
1112
accept rate: 0%

Can you explain the changes you have made to the "original", or do you have your version on GitHub somewhere?

(03 Sep '21, 09:36) Frederik Ramm ♦

@Frederik - I'm sorry we don't have it on github. It's all kind of experimental. In the long run, we hope to formally "fork" openstreetmap-website and post our changes, but we're not there right now.

Meanwhile, the site is up and seems to be working. We've let in a limited number of users and we're doing testing. Not going to claim victory, yet, but the Authenticity Token errors appear to have gone away. We did a bunch of google-fu and dug up what seemed to have worked. I promise I'll post what we did once I'm confident it worked.

You're free to browse the website:

https://opengeofiction.net

Anyway thank you so much for taking the time to respond.

(03 Sep '21, 19:33) Luciano AK

Firstly, thank you to my one responder, for their suggestion.

Apparently, the openstreetmap-website ("rails port") expects that a production instance will have a tool called memcache installed. It was another member of our team who figured this out, so I don't have the details, but I think that's enough of a hint if someone finds this question in the future and is trying to solve the issue.

Although we are still running the "rails port" as a development instance (rather than production), we are doing so as a de facto production instance, with 100's of active users.

This level of deployment requires memcache to manage the authenticity tokens, I guess.

If I get more details from my colleague about specific steps he took, I'll amend this answer.

Meanwhile, our site is up and running quite well, now.

permanent link

answered 04 Sep '21, 17:44

Luciano%20AK's gravatar image

Luciano AK
1112
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×4

question asked: 02 Sep '21, 18:26

question was seen: 245 times

last updated: 04 Sep '21, 17:44

powered by OSQA