2

我是 rails 和 heroku 的新手,并且创建了一个基本的应用程序。在过去的几周里,我一直在 Heroku 玩,只使用 1 个 dyno。现在我已经增加到两个并且收到 CSRF 错误,因为一旦涉及第二个测功机,真实性令牌就会被重置。至少我是这么认为的。但我还在学习。

我在播客等中听到了很多关于 Resque、Sidekiq、memcached 和 dalli 的信息。这是我需要去学习的东西,所以我可以弄清楚如何保持这个用户会话为什么有多个测功机。

这是一个早期问题的后续,但我不确定它们是否相关。我也和phusion乘客一起跑步。

2014-05-17T08:46:59.603754+00:00 app[web.2]: App 120 stdout: Started POST "/users/sign_in" for 58.7.233.232 at 2014-05-17 08:46:59 +0000
2014-05-17T08:46:59.603819+00:00 app[web.2]: App 120 stdout: Processing by Devise::SessionsController#create as HTML
2014-05-17T08:46:59.603854+00:00 app[web.2]: App 120 stdout:   Parameters: {"utf8"=>"✓", "authenticity_token"=>"GalqKSrYuU2l9o2vxo3aWeqf4Xfvy+g5GAWbSXC6pvc=", "user"=>{"email"=>"admin.user@domain.com", "password"=>"[FILTERED]"}, "commit"=>"Login"}
2014-05-17T08:46:59.957414+00:00 heroku[router]: at=info method=POST path=/users/sign_in host=slapp.herokuapp.com request_id=f58dcf4f-a95f-4280-b0f9-4de593992774 fwd="58.7.233.232" dyno=web.2 connect=2ms service=599ms status=302 bytes=1408
2014-05-17T08:47:00.223198+00:00 heroku[router]: at=info method=GET path=/ host=slapp.herokuapp.com request_id=ddb2c5cc-0cc1-401b-ae98-b3c84a0fd8f7 fwd="58.7.233.232" dyno=web.1 connect=0ms service=15ms status=302 bytes=1178
2014-05-17T08:47:00.722430+00:00 heroku[router]: at=info method=GET path=/users/sign_in host=slapp.herokuapp.com request_id=20ab26a9-6b46-4b12-8019-a297fa63d324 fwd="58.7.233.232" dyno=web.2 connect=1ms service=49ms status=200 bytes=3069
2014-05-17T08:47:00.603875+00:00 app[web.2]: App 120 stdout: Redirected to https://slapp.herokuapp.com/

2014-05-17T08:47:00.603961+00:00 app[web.2]: App 120 stdout: Completed 302 Found in 547ms (ActiveRecord: 8.4ms)
2014-05-17T08:47:01.037974+00:00 app[web.1]: App 120 stdout: Started GET "/" for 58.7.233.232 at 2014-05-17 08:47:00 +0000
2014-05-17T08:47:01.037983+00:00 app[web.1]: App 120 stdout: Processing by StaticPagesController#index as HTML
2014-05-17T08:47:01.037987+00:00 app[web.1]: App 120 stdout: Completed 401 Unauthorized in 2ms

2014-05-17T08:47:01.604254+00:00 app[web.2]: App 120 stdout:   Rendered layouts/_shim.html.haml (3.0ms)
2014-05-17T08:47:01.604275+00:00 app[web.2]: App 120 stdout:   Rendered layouts/_navigation.html.haml (4.5ms)
2014-05-17T08:47:01.604377+00:00 app[web.2]: App 120 stdout: Completed 200 OK in 30ms (Views: 22.2ms | ActiveRecord: 0.0ms)
2014-05-17T08:47:01.604203+00:00 app[web.2]: App 120 stdout:   Rendered devise/sessions/new.html.haml within layouts/application (9.5ms)
2014-05-17T08:47:01.604088+00:00 app[web.2]: App 120 stdout: Started GET "/users/sign_in" for 58.7.233.232 at 2014-05-17 08:47:00 +0000
2014-05-17T08:47:01.604302+00:00 app[web.2]: App 120 stdout:   Rendered shared/_flash_messages.html.haml (0.3ms)
2014-05-17T08:47:01.604175+00:00 app[web.2]: App 120 stdout: Processing by Devise::SessionsController#new as HTML
2014-05-17T08:47:01.604335+00:00 app[web.2]: App 120 stdout:   Rendered layouts/_footer.html.haml (0.3ms)
4

1 回答 1

5

我也有这个问题,设计 3.2.4、rails 4.0.5 和独角兽。

我生成并存储秘密令牌到磁盘。但是每个 heroku dyno 都有自己的文件系统,所以两个 dyno 都有自己的秘密令牌。当请求转到另一个测功机时,它使用了另一个秘密令牌并且会话被杀死。

令牌必须存储到 env 变量中并从 secret_token.rb 中使用,如下所示:

YourApp::Application.config.secret_key_base = ENV['SECRET_TOKEN']

生成令牌

rake secret

并将其设置为

heroku config:set SECRET_TOKEN=yourtoken
于 2014-06-20T17:59:26.260 回答