inertia-rails icon indicating copy to clipboard operation
inertia-rails copied to clipboard

Published 20 hours ago verified publisher icon inertiajs

InertiaRails Controller after action no cookie causes error

Open EamonIndigoSpark opened this issue 1 year ago • 5 comments

In the after_action I get an error, where the cookie is null:

require_relative "inertia_rails" require_relative "helper"

module InertiaRails module Controller extend ActiveSupport::Concern

included do
  before_action do
    # :inertia_errors are deleted from the session by the middleware
    InertiaRails.share(errors: session[:inertia_errors]) if session[:inertia_errors].present?
  end
  helper ::InertiaRails::Helper

  after_action do
    cookies['XSRF-TOKEN'] = form_authenticity_token unless request.inertia? || !protect_against_forgery?
  end
end

cookies['XSRF-TOKEN'] = form_authenticity_token unless request.inertia? || !protect_against_forgery?

Resulting in this error

undefined method `[]=' for nil:NilClass

EamonIndigoSpark avatar Dec 15 '23 16:12 EamonIndigoSpark

Hello @EamonIndigoSpark, can you share your ApplicationController? Maybe cookies it not defined because you are not using cookies rails middleware

PedroAugustoRamalhoDuarte avatar Dec 16 '23 18:12 PedroAugustoRamalhoDuarte

Hi @PedroAugustoRamalhoDuarte Thank you for your help, below is the contents of the controller I am using

`require "will_paginate/array" class Cms::ApplicationController < ActionController::Base

protect_from_forgery

layout :set_layout before_action :authenticate before_action :set_site before_action :set_current_org before_action :show_current_org_logo before_action :set_cms_for_menu before_action :check_user_disabled

cache_sweeper :user_stamp_sweeper

VALID_CMS_HOSTNAMES = ['conferencestop']

def set_current_org if user_signed_in? && (current_user.is_a_client? || current_user.is_a_supplier?) if current_user.contact.present? @current_org = current_user.contact.parent end if @current_org.blank? && !current_user.is_a_supplier? flash[:alert] = "Sorry we could not find your organisation. Please contact Servace" redirect_to destroy_user_session_path() end end

end

def authenticate return true if (ENV["APP_NAME"] =~ /pentest/ ) != nil # don't need this when pentesting

end

def set_cms_for_menu @cms = true end

def set_layout 'integrated_layout' end

def hide_main_nav @hide_main_nav = true end

private

def set_site

  @site_name = "conference_stop"
  @site = Site.find_or_create_by(name: "conference_stop")
  @body_class = "cs"
  session[:site_name] = "cs"

end


def check_user_disabled
  if user_signed_in? && current_user.disabled?
    flash[:alert] = "sorry your account has been suspended. Please contact us."
    redirect_to destroy_user_session_path
    return false
  end
end

def show_current_org_logo
 if current_user && current_user.is_a_client?
  @show_current_org_logo = true
 end
end

end

`

EamonIndigoSpark avatar Dec 18 '23 09:12 EamonIndigoSpark

@EamonIndigoSpark You accidentally share your app password.

PedroAugustoRamalhoDuarte avatar Dec 18 '23 11:12 PedroAugustoRamalhoDuarte

Your ApplicationController looks right its a very strange error, things you can check:

  • if the cookies is enable in the ruby on rails APP.
  • if you are using a rails only API (I dont think so).

For now you can downgrade de inertia rails version to: 3.0.0, this was the last update without XSRF-TOKEN update

PedroAugustoRamalhoDuarte avatar Dec 18 '23 11:12 PedroAugustoRamalhoDuarte

@PedroAugustoRamalhoDuarte Hi Pedro, Thank you for your help, I will try the things you suggest, also I've removed the password (fortunately, it is only available internally)

EamonIndigoSpark avatar Dec 18 '23 11:12 EamonIndigoSpark