Question
I'm using Rails 6, Devise for authentication and testing my app on Google Chrome. I can log in successfully. However, when the user tries to log out by clicking on the Log Out button, it doesn't log out and only redirects to the home page.
I have the application containerised using Docker and Docker Compose and I'm using PostgreSQL for the database, ElasticSearch for search and NGINX for the web server.
This appears to be a caching or cookie issue. When I delete the _myapp_session cookie in Google Chrome Developer Tools in the Storage section under the Application tab, then refresh, the issue is fixed and the user is logged out.
How can I delete the _myapp_session cookie using a controller in the back end so that this is performed automatically when the user logs out?
Here are the logs visible on the NGINX server console (frontend_1) from visiting the website, logging in and then making the log out request.
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET / HTTP/1.1" 200 6087 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET /packs/js/application-e72ce6426a0e2e571ed2.js HTTP/1.1" 200 18152 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET /assets/application-29dded2730529466cbe16f8bf7dff8cd81c27f5c29357a0ee19ce611c7fae223.css HTTP/1.1" 200 24974 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET /packs/js/counter-a7c63b11c8fcb5e204df.js HTTP/1.1" 200 642 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET / HTTP/1.1" 200 6087 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET /assets/glassfacade.jpg HTTP/1.1" 304 0 "https://myapp.ie/assets/application-29dded2730529466cbe16f8bf7dff8cd81c27f5c29357a0ee19ce611c7fae223.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:33 +0000] "GET /manifest.webmanifest HTTP/1.1" 200 536 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:35 +0000] "GET /service-worker.js HTTP/1.1" 304 0 "https://myapp.ie/service-worker.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:37 +0000] "GET /users/sign_in HTTP/1.1" 200 5629 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:38 +0000] "POST /users/sign_in HTTP/1.1" 302 97 "https://myapp.ie/users/sign_in" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:38 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:38 +0000] "GET / HTTP/1.1" 200 6293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:40 +0000] "GET /about HTTP/1.1" 200 5118 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:40 +0000] "GET /service-worker.js HTTP/1.1" 304 0 "https://myapp.ie/service-worker.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:42 +0000] "GET / HTTP/1.1" 200 6214 "https://myapp.ie/about" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:44 +0000] "POST /users/sign_out HTTP/1.1" 302 97 "https://myapp.ie/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:44 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:44 +0000] "GET / HTTP/1.1" 200 6214 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
frontend_1 | 37.228.235.151 - - [24/Jan/2021:13:46:46 +0000] "GET /service-worker.js HTTP/1.1" 304 0 "https://myapp.ie/service-worker.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" "-"
My Devise controllers are all standard (I haven't edited them).
Here's my Application Controller
class ApplicationController < ActionController::Base
  # To clear cache to allow logging out.
  before_action :set_cache_headers
  protect_from_forgery prepend: true
  # To enable sign in to function correctly.
  skip_before_action :verify_authenticity_token, :only => :create
  before_action :configure_permitted_parameters, if: :devise_controller?

  def index
  end

  def set_cache_headers
    response.headers["Cache-Control"] = "no-cache, no-store"
    response.headers["Pragma"] = "no-cache"
    response.headers["Expires"] = "Mon, 01 Jan 1990 00:00:00 GMT"
  end

  protected

  # Restrict parameters for sign up input.
  def configure_permitted_parameters
    added_attrs = [:first_name, :last_name, :email, :encrypted_password, :password_confirmation, :remember_me]
    devise_parameter_sanitizer.permit(:sign_up, keys: added_attrs)
    devise_parameter_sanitizer.permit(:account_update, keys: added_attrs)
    devise_parameter_sanitizer.permit(:sign_in, keys: added_attrs)
  end
end
Here's my Application.html.erb
<!DOCTYPE html>
<html>
  <head>
    <title>MyApp</title>
    <link rel="manifest" href="manifest.webmanifest">
    <link rel="apple-touch-icon" href="/apple-touch-icon.png">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="theme-color" content="#ff8a00">
    <meta name="msapplication-navbutton--color" content="#ff8a00">
    <meta name="apple-mobile-web-app-capable" content="yes">
    <meta name="apple-mobile-web-app-status-bar-style" content="default">
    <%= csrf_meta_tags %>
    <%= csp_meta_tag %>
    <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %>
    <%= javascript_pack_tag 'application', 'data-turbolinks-track': 'reload' %>
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js"></script>
    <link href="https://fonts.googleapis.com/css?family=Text+Me+One&display=swap" rel="stylesheet">
  </head>
  <body id="<%= controller.controller_name %>" class="<%= controller.action_name %> <%= "show-sidebar" if @show_sidebar.present? %>">
    <div class="wrapper">
      <% if @show_sidebar.nil? %>
        <header>
          <%= render "layouts/nav/public" %>
        </header>
        <%= yield %>
      <% else %>
        <%= render "layouts/nav/dashboard" %>
        <div class="container-fluid">
          <div class="row">
            <%= render "layouts/nav/sidebar" %>
            <main role="main" class="col-md-9 ml-sm-auto col-lg-10 px-md-4 mt-4">
              <%= yield %>
            </main>
          </div>
        </div>
      <% end %>
      <div class="push"></div>
    </div>
    <%= render "layouts/footer" %>
    <div id="notifications"><%= notice %></div>
    <!-- PWA Step 1 - Registration -->
    <script type="text/javascript">
      if ('serviceWorker' in navigator) {
        window.addEventListener('load', function() {
          navigator.serviceWorker.register('/service-worker.js').then(function(registration) {
            // Registration was successful
            console.log('ServiceWorker registration successful with scope: ', registration.scope);
          }, function(err) {
            // registration failed :(
            console.log('ServiceWorker registration failed: ', err);
          });
        });
      }
    </script>
    <script src="https://code.jquery.com/jquery-3.5.1.slim.min.js" integrity="sha384-DfXdz2htPH0lsSSs5nCTpuj/zy4C+OGpamoFVy38MVBnE+IbbVYUew+OrCXaRkfj" crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/feather-icons/4.9.0/feather.min.js"></script>
    <script>feather.replace()</script>
    <%= javascript_pack_tag "counter" %>
  </body>
</html>
Here's the part of the view that displays the Log In / Log Out link.
<ul class="navbar-nav mr-auto" id="right-nav-menu">
  <li class="nav-item">
    <% if notice %>
      <p class="nav-link"><%= notice %></p>
    <% end %>
    <% if alert %>
      <p class="nav-link"><%= alert %></p>
    <% end %>
  </li>
  <li class="nav-item">
    <% if user_signed_in? %>
      <strong class="nav-link"><p><%= current_user.first_name %> <%= current_user.last_name %></p></strong>
    <% end %>
  </li>
  <% if user_signed_in? %>
    <li class="nav-item">
      <strong><%= link_to 'Edit Profile', edit_user_registration_path, :class => 'nav-link' %></strong>
    </li>
    <li class="nav-item">
      <strong><%= link_to "Log Out", destroy_user_session_path, method: :delete, :class => 'nav-link' %></strong>
    </li>
  <% else %>
    <li class="nav-item">
      <strong><%= link_to "Log In", new_user_session_path, :class => 'nav-link' %></strong>
    </li>
    <li class="nav-item">
      <strong><%= link_to "Sign Up", new_user_registration_path, :class => 'nav-link' %></strong>
    </li>
  <% end %>
</ul>
I'm not sure if there's any other code that would be helpful to resolve but if so, please let me know and I will add to the above. Appreciate any help.
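Added example, not part of the original question and not Rails or Devise code: a browser drops a cookie only when the back end sends a Set-Cookie with the same name, domain and path and an expiry in the past, which is what a controller-side deletion of `_myapp_session` has to produce. The cookie jar below is a simplified, constructed model; the host `myapp.ie`, the cookie value and the helper names (`deletion_header`, `parse_set_cookie`, `apply_set_cookie`, `demo`) are assumptions made for illustration.

```ruby
require "time"

# Simplified, constructed model of a browser cookie jar. A stored cookie is
# identified by name + domain + path, so a deletion must match all three.
Cookie = Struct.new(:name, :value, :domain, :path, :expires)

# The Set-Cookie header a back end sends to delete a cookie: same name,
# domain and path as the original, empty value, expiry in the past.
def deletion_header(name, domain: nil, path: "/")
  parts = ["#{name}=", "path=#{path}", "max-age=0",
           "expires=#{Time.at(0).utc.httpdate}"]
  parts.insert(1, "domain=#{domain}") if domain
  parts.join("; ")
end

# Parse one Set-Cookie header roughly the way a browser does.
def parse_set_cookie(header, request_host)
  pair, *attrs = header.split(/;\s*/)
  name, value = pair.split("=", 2)
  opts = attrs.to_h { |a| k, v = a.split("=", 2); [k.downcase, v] }
  expires = if opts["max-age"]
              Time.now + opts["max-age"].to_i
            elsif opts["expires"]
              Time.httpdate(opts["expires"])
            end
  Cookie.new(name, value.to_s, opts["domain"] || request_host,
             opts["path"] || "/", expires)
end

# Apply a response header to the jar: replace an exact match, and store the
# new cookie only if it has not already expired.
def apply_set_cookie(jar, header, request_host)
  c = parse_set_cookie(header, request_host)
  jar.reject! { |o| [o.name, o.domain, o.path] == [c.name, c.domain, c.path] }
  jar << c unless c.expires && c.expires <= Time.now
  jar
end

def demo
  host = "myapp.ie" # sample host
  login = "_myapp_session=constructed-value; path=/; HttpOnly" # constructed
  jar = apply_set_cookie([], login, host)
  wrong = apply_set_cookie(jar.dup, deletion_header("_myapp_session", path: "/users"), host)
  right = apply_set_cookie(jar.dup, deletion_header("_myapp_session"), host)
  { after_wrong_path: wrong.map(&:name), after_matching: right.map(&:name) }
end

p demo if __FILE__ == $PROGRAM_NAME
```

In a Rails controller the corresponding calls are `reset_session` and `cookies.delete(:_myapp_session, path: ..., domain: ...)`, passing the same path and domain the session cookie was set with.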
Source: https://stackoverflow.com/questions/65765439/how-can-i-delete-the-myapp-session-cookie-in-google-chrome-storage-using-a-cont