I’ve followed the upgrade guide: Upgrade to v6 - Documentation and I was able to successfully login to Forest and access the data for my local environment, but when I’ve deployed the upgrade changes to one of my testing environments I was no longer able to access any data in Forest for that environment and I was getting 401 authorization errors.
Expected behavior
Should be able to login to Forest and select my testing environment and access the data
Actual behavior
In a banner, the following error is presented:
"You have been disconnected
An error occurred while accessing your data.
Please check that the agent is running, and that your browser accepts third-party cookies."
And due to this I’m not able to access the data in Forest for testing environment
Failure Logs
In the Rails backend the information related to the authorization errors is the following:
Request log:
{
"level": "info",
"dt": "2021-03-03T13:04:06.895128Z",
"message": "Started GET \"/forest/Address\"",
"event": {
"http_request_received": {
"body": null,
"content_length": null,
"headers_json": "{\"Version\":\"HTTP/1.1\",\"Host\":\"raylo-api-pr-2277.herokuapp.com\",\"Connection\":\"close\",\"Sec_Ch_Ua\":\"\\\"Google Chrome\\\";v=\\\"89\\\", \\\"Chromium\\\";v=\\\"89\\\", \\\";Not A Brand\\\";v=\\\"99\\\"\",\"Accept\":\"application/json\",\"Sec_Ch_Ua_Mobile\":\"?0\",\"User_Agent\":\"Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36\",\"Origin\":\"https://app.forestadmin.com\",\"Sec_Fetch_Site\":\"cross-site\",\"Sec_Fetch_Mode\":\"cors\",\"Sec_Fetch_Dest\":\"empty\",\"Referer\":\"https://app.forestadmin.com/\",\"Accept_Encoding\":\"gzip, deflate, br\",\"Accept_Language\":\"en-GB,en-US;q=0.9,en;q=0.8\",\"X_Request_Id\":\"dc24d731-970a-4d5e-8b0b-271390431ee0\",\"X_Forwarded_For\":\"86.170.153.163\",\"X_Forwarded_Proto\":\"https\",\"X_Forwarded_Port\":\"443\",\"Via\":\"1.1 vegur\",\"Connect_Time\":\"1\",\"X_Request_Start\":\"1614776646891\",\"Total_Route_Time\":\"0\"}",
"host": "raylo-api-pr-2277.herokuapp.com",
"method": "GET",
"path": "/forest/Address",
"port": 443,
"query_string": "fields%5BAddress%5D=id%2Cline1%2Cline2%2Cline3%2Cpostcode%2Cregion%2Ccity%2Ccountry%2Ccreated_at%2Cupdated_at\u0026fields%5Bcountry%5D=name\u0026page%5Bnumber%5D=1\u0026page%5Bsize%5D=5\u0026searchExtended=0\u0026sort=-id\u0026timezone=Europe%2FLondon",
"request_id": "dc24d731-970a-4d5e-8b0b-271390431ee0",
"scheme": "https",
"service_name": null
}
},
"context": {
"system": {
"hostname": "39bf3210-1d8f-4ee6-a1a5-d7e280fa62b3",
"pid": 4
},
"runtime": {
"thread_id": 79420
},
"http": {
"host": "raylo-api-pr-2277.herokuapp.com",
"method": "GET",
"path": "/forest/Address",
"remote_addr": "REMOTE_ADDRESS",
"request_id": "dc24d731-970a-4d5e-8b0b-271390431ee0"
},
"user": {
"client_auth_hash": null,
"user_token_hash": null
}
}
}
Response:
{
"level": "info",
"dt": "2021-03-03T13:04:06.901430Z",
"message": "Completed 401 Unauthorized in 7.013794ms",
"event": {
"http_response_sent": {
"body": null,
"content_length": null,
"headers_json": "{\"Access-Control-Allow-Origin\":\"https://app.forestadmin.com\",\"Access-Control-Allow-Methods\":\"GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS\",\"Access-Control-Expose-Headers\":\"\",\"Access-Control-Max-Age\":\"86400\",\"Access-Control-Allow-Credentials\":\"true\",\"X-Frame-Options\":\"SAMEORIGIN\",\"X-XSS-Protection\":\"1; mode=block\",\"X-Content-Type-Options\":\"nosniff\",\"X-Download-Options\":\"noopen\",\"X-Permitted-Cross-Domain-Policies\":\"none\",\"Referrer-Policy\":\"strict-origin-when-cross-origin\",\"Content-Type\":\"text/html\",\"Vary\":\"Origin\"}",
"request_id": "dc24d731-970a-4d5e-8b0b-271390431ee0",
"service_name": null,
"status": 401,
"duration_ms": 7.013794
}
},
"context": {
"system": {
"hostname": "39bf3210-1d8f-4ee6-a1a5-d7e280fa62b3",
"pid": 4
},
"runtime": {
"thread_id": 79420
},
"http": {
"host": "raylo-api-pr-2277.herokuapp.com",
"method": "GET",
"path": "/forest/Address",
"remote_addr": "REMOTE_ADDRESS",
"request_id": "dc24d731-970a-4d5e-8b0b-271390431ee0"
},
"user": {
"client_auth_hash": null,
"user_token_hash": null
}
}
}
Context
The configurations on the Rails app are the following:
Forest application URL:
irb(main):001:0> ForestLiana.application_url
=> "https://raylo-api-pr-2277.herokuapp.com"
CORS:
allowed_web_origins = [Regexp.new(/\Anull\z/), 'app.forestadmin.com']
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins(*allowed_web_origins)
resource(
'*',
headers: :any,
methods: %i[get post put patch delete options head],
expose: ['Content-Disposition'],
credentials: true
)
end
end
The configurations in Forest admin > Environments for this environment has 6.0.1 as the Liana version
The one thing I’ve noticed though is that this issue only happens when I access ForestAdmin using the Chrome browser but it doesn’t happen when I use Firefox. Even with the Chrome browser, if I switch to another environment using an older version of Forest Liana, everything works just fine.
- Package Version: 6.0.1
- Ruby: 3.0.0
- Rails Version: 6.1.3
- Database Dialect: Postgresql