-
-
Save b2gills/ffeea085172b2fb1387066e0b6505cd3 to your computer and use it in GitHub Desktop.
Cro user session gets forgotten
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackoverflow.com/questions/51451841/cro-user-session-gets-forgotten | |
(04:01:39 PM) ecocode [~ec@ks39550.kimsufi.com] entered the room. | |
(04:02:24 PM) ecocode: hello | |
(04:02:34 PM) ecocode: I cannot figure the error I get | |
(04:02:40 PM) ecocode: ⚠ beaverapp Died with the exception: | |
(04:02:42 PM) ecocode: ⚠ beaverapp Can not decode a utf-8 buffer as if it were ascii | |
(04:02:44 PM) ecocode: ⚠ beaverapp in method parse at /home/ec/.perl6/sources/DE40AE13F16DFE4C9CB8BC6D1D5598444E245797 (Cro::HTTP::BodyParsers) line 49 | |
(04:03:05 PM) ecocode: No idea where I could mess up charsets :/ | |
(04:13:19 PM) sena_kun: ecocode, I guess you cannot provide a gist to reproduce? | |
(04:14:54 PM) ecocode: you can check out my test project | |
(04:15:04 PM) sena_kun: ecocode, what is your "schema" of things, do you get this for a client or for server, it is cro-only application or? Any additional info can help us to help. :) | |
(04:15:27 PM) ecocode: git@gitlab.com:ecocode/beaverapp.git | |
(04:16:12 PM) sena_kun: ecocode, "git@gitlab.com:ecocode/beaverapp.git". | |
(04:16:24 PM) ecocode: start the server with cro trace and try to login at https://localhost:20000/login with 'user' and 'pwd' | |
(04:16:53 PM) lance_w[m] left the room (quit: Ping timeout: 245 seconds). | |
(04:17:17 PM) sena_kun: if the code is not open source, you can try to extract smaller code pieces that still has the issue. | |
(04:17:45 PM) ecocode: sena_kun: no point to open source, it is just a testing cro app | |
(04:17:59 PM) ecocode: I try to set up authentication as in the docs | |
(04:18:14 PM) ecocode: you can distribute the code freely ;) | |
(04:18:40 PM) sena_kun: ecocode, well, right now I cannot clone your repository because of denied permission. | |
(04:18:41 PM) ecocode: btw, there is almost no code ;) | |
(04:18:50 PM) ecocode: ah | |
(04:18:54 PM) sena_kun: so I assumed that. | |
(04:19:53 PM) sena_kun: ecocode, also, what OS do you use? | |
(04:20:05 PM) ecocode: linux | |
(04:20:12 PM) ecocode: first project on gitlab | |
(04:20:22 PM) ecocode: I'm figuring out how to give permissions | |
(04:20:26 PM) sena_kun: ok, so no problem with OS I believe. : ) | |
(04:20:46 PM) ecocode: weird, I thought private repos are only for paying customers | |
(04:20:53 PM) sena_kun: ecocode, I'm here for some time, so no hurry. | |
(04:26:16 PM) ecocode: weird, gitlab says the project is public - "The project can be accessed without any authentication" | |
(04:31:41 PM) sena_kun: ok, was able to clone it using `https://gitlab.com/ecocode/beaverapp` as url. | |
(04:31:45 PM) sena_kun: let me see what's inside... | |
(04:31:52 PM) ecocode: oh great | |
(04:34:08 PM) sena_kun: ecocode, hmm, I don't see any routes for `login`. Last commit I have is "working websocket". Are you sure it's pushed? | |
(04:37:41 PM) ecocode: nope | |
(04:37:43 PM) ecocode: sorry | |
(04:37:49 PM) ecocode: pushed now I think | |
(04:38:04 PM) ***sena_kun pulls | |
(04:46:21 PM) sena_kun: ecocode, was able to reproduce it. Thanks for your asking. | |
(04:46:49 PM) ecocode: well, it is probably something weird in my code | |
(04:46:56 PM) sena_kun: ecocode, it is already about time to sleep here, so I'll play with it tomorrow and try to fix. | |
(04:47:05 PM) sena_kun: s/tomorrow/after sleep/ | |
(04:47:11 PM) ecocode: cool thanks ! | |
(04:47:14 PM) sena_kun: Or can I do it now, hm... | |
(04:47:29 PM) ecocode: no hurry... sleep is important :) | |
(04:47:36 PM) ecocode: where are you ? | |
(04:47:43 PM) ecocode: I mean country | |
(04:47:49 PM) sena_kun: Ukraine. It's 0:47 here now. | |
(04:48:10 PM) ecocode: 23:47 here in Belgium :) | |
(04:48:28 PM) sena_kun: But my sleep/day routine is shifted, so I usually get to sleep exactly at 02:00, so have some time left. :) | |
(04:48:33 PM) sena_kun: more than an hour even. | |
(04:48:49 PM) sena_kun: afk for 20 minutes~ | |
(05:09:18 PM) lance_w[m] [lancewmatr@gateway/shell/matrix.org/x-xxxbjrzbvmlastgd] entered the room. | |
(05:11:57 PM) sena_kun: confirmed as a bug in HTTP/2 stack, as it works fine with HTTP/1.1. | |
(05:14:16 PM) ecocode: ouch... | |
(05:14:25 PM) ecocode: so it is not in my code ? | |
(05:14:36 PM) sena_kun: it's not. | |
(05:14:43 PM) sena_kun: it's _my_ code. :) | |
(05:15:03 PM) ***ecocode almost can't believe he didn't code the bug | |
(05:15:08 PM) sena_kun: I'll try to investigate it now. | |
(05:15:08 PM) ecocode: :) | |
(05:55:23 PM) sena_kun: ecocode, it turns out I screwed up quite a little. :S Now fixing broken tests, but can send a fix in 5-10 minutes. | |
(05:59:06 PM) ecocode: super! | |
(06:00:31 PM) sena_kun: ecocode, do you have a preferred nickname so I could mention your contribution in commit message or "ecocode" would be nice enough? | |
(06:01:01 PM) ecocode: ecocode it is :) | |
(06:01:18 PM) sena_kun: roger~ | |
(06:04:19 PM) Geth: ¦ cro-http: 4b336743e8 | Altai-man++ | 3 files | |
(06:04:19 PM) Geth: ¦ cro-http: Fix BodyParsers exception for HTTP/2 | |
(06:04:19 PM) Geth: ¦ cro-http: | |
(06:04:19 PM) Geth: ¦ cro-http: The issue was originally caused by `.decode('ascii')` applied onto | |
(06:04:19 PM) Geth: ¦ cro-http: `utf8` type value, which produced exception. It remains somehow of a | |
(06:04:20 PM) Geth: ¦ cro-http: mystery of how it survived for so long, but usage of `Buf` to store | |
(06:04:20 PM) Geth: ¦ cro-http: unsigned bytes is obviously better solution, backed up by spec also. | |
(06:04:21 PM) Geth: ¦ cro-http: ecocode++ for reporting. | |
(06:04:23 PM) sena_kun: ok. | |
(06:04:23 PM) Geth: ¦ cro-http: review: https://github.com/croservices/cro-http/commit/4b336743e8 | |
(06:04:38 PM) sena_kun: I need to write one more test to ensure this behavior. | |
(06:04:48 PM) sena_kun: But I think your code should work nicely on master. :) | |
(06:05:04 PM) sena_kun: phew, so embarassing to have such a bug. | |
(06:06:44 PM) ecocode: well you did solve it very fast :) | |
(06:09:12 PM) jnthn: sena_kun++ # HTTP/2 fixing :) | |
(06:09:17 PM) sena_kun: thanks. good luck with playing with cro. ping me here || ask on SO || open github issue if anything will be not so smooth on our side. | |
(06:09:26 PM) sena_kun: jnthn, o/ | |
(06:09:46 PM) sena_kun: jnthn, could you please look into websocket bug when comfortable? | |
(06:10:19 PM) sena_kun: my exercises in futility were not so successful. | |
(06:11:32 PM) jnthn: sena_kun: I will, though I've hunted so many optimizer bugs in MoarVM this week I probably should allow myself a little bug hunting rest. :-) | |
(06:12:22 PM) sena_kun: jnthn, well, I'll try tomorrow again(eh, today after sleep), so you can rest, of course. I mean, maybe Monday's, you know, Last Resort thing. :) | |
(06:13:01 PM) sena_kun: new 6guts post was quite interesting to read. | |
(06:15:14 PM) ecocode: thanks sena_kun | |
(06:16:01 PM) jnthn: :) | |
(06:16:26 PM) jnthn: Yeah, I can look next week. Would be nice to do a Cro release next week. | |
(06:16:36 PM) jnthn: That's largely a scripted process by now. | |
(06:16:46 PM) sena_kun: Agreed. | |
(06:17:54 PM) jnthn: Now we just need AI to be good enough to write release announcements and we can automate it all... | |
(06:19:48 PM) sena_kun: That'd be easy. I mean, starting from 70s different folks are telling stories that AI is "almost here, just wait a little". | |
(06:26:32 PM) jnthn: :) | |
(06:26:50 PM) jnthn: Yeah, it's like nuclear fusion, though I suspect that is actually closer. :) | |
(06:29:22 PM) sena_kun: Hmm, nuclear fusion indeed may be closer. I mean, there are technical difficulties(not https://www.youtube.com/watch?v=rn-wj4pRpIE), but the theory is here. It is not easy to simulate something like Sun. :S On the other hand, AI is something like, hmm, how should it work at all. | |
(06:30:05 PM) sena_kun: Of course, considering I am not a major in both fields, so have only media-based knowledge on topics. | |
(06:32:35 PM) jnthn: It seems most of the machine learning stuff at the moment is really "interesting applications of statistical methods" :) | |
(06:32:49 PM) jnthn: On the other hand, maybe that's how our brains work too. :) | |
(06:34:42 PM) ***sena_kun doubles "interesting applications of statistical methods" | |
(06:35:51 PM) sena_kun: jnthn, am I counting debugging hours now too? | |
(06:35:58 PM) jnthn: ?Sure :) | |
(06:36:05 PM) jnthn: huh, where'd the ? come from :) | |
(06:38:20 PM) sena_kun: null check? java likes those. | |
(06:48:03 PM) jnthn: Yes, a .?method operator would be rather nice. | |
(06:49:56 PM) sena_kun: ok, all tests are passing for me. | |
(06:50:01 PM) Geth: ¦ cro-http: efd6626df9 | Altai-man++ | t/http2-client.t | |
(06:50:01 PM) Geth: ¦ cro-http: Test HTTP/2 body parsing | |
(06:50:01 PM) Geth: ¦ cro-http: review: https://github.com/croservices/cro-http/commit/efd6626df9 | |
(06:50:24 PM) sena_kun: <$> comes to the rescue... Not in java though. | |
(06:50:30 PM) sena_kun: ok, I'm done for this night. o/ | |
(06:54:54 PM) jnthn: 'night o/ | |
(07:01:12 PM) sena_kun left the room (quit: Quit: Leaving). | |
(07:17:27 PM) ecocode: is there a cro mailing list ? | |
(07:17:47 PM) jnthn: No | |
(07:18:57 PM) ecocode: oh.. | |
(07:19:04 PM) ecocode: that would be helpfull :) | |
(07:19:26 PM) jnthn: Stack Overflow is a good place to post Cro questions. | |
(07:21:25 PM) jnthn: And here, of course | |
(07:23:45 PM) jnthn: Sleep time for me; 'night o/ | |
(07:34:01 PM) ecocode: question is posted https://stackoverflow.com/questions/51451841/cro-user-session-gets-forgotten | |
(07:35:01 PM) ecocode: I prefer mailing lists (or stackoverflow) sonce they have a memory ;) | |
(07:35:10 PM) ecocode: good night ! | |
(07:51:33 PM) lizmat left the room (quit: Ping timeout: 268 seconds). | |
(07/21/2018 01:21:30 AM) lizmat [~textual@5072253D.cm-15.dynamic.ziggo.nl] entered the room. | |
(03:07:02 AM) sena_kun [~sena_kun@25-202-203-46.pool.ukrtel.net] entered the room. | |
(03:17:39 AM) lizmat left the room (quit: Ping timeout: 260 seconds). | |
(03:39:44 AM) Geth: ¦ cro-http: df9995d83e | Altai-man++ | t/http2-client.t | |
(03:39:44 AM) Geth: ¦ cro-http: ALPN can be not included | |
(03:39:44 AM) Geth: ¦ cro-http: review: https://github.com/croservices/cro-http/commit/df9995d83e | |
(04:33:07 AM) lizmat [~textual@5072253D.cm-15.dynamic.ziggo.nl] entered the room. | |
(06:11:27 AM) ecocode: cro throws this error : | |
(06:11:32 AM) ecocode: Restarting beaverapp (beaverapp) | |
(06:11:34 AM) ecocode: ⚠ beaverapp ===SORRY!=== | |
(06:11:36 AM) ecocode: ⚠ beaverapp Parameter type MyUser not allowed on a request unpack parameter | |
(06:11:52 AM) ecocode: It would be helpfull to have a line number here. | |
(06:12:18 AM) ecocode: Is this possible? | |
(06:32:04 AM) sena_kun: hmmm. | |
(06:35:10 AM) sena_kun: not sure about line number. It just calls `die` there. | |
(06:36:03 AM) sena_kun: a chunk of code to play with would be nice to have. | |
(06:37:11 AM) ecocode: I defined a class myuser {has $.username is rw;} | |
(06:37:48 AM) sena_kun: does it have Session role? | |
(06:37:49 AM) ecocode: and then declared a route post->myuser $user, ... | |
(06:38:00 AM) ecocode: so that seemed wrong | |
(06:38:21 AM) ecocode: but the message didn't refer to the line number where the route was declared | |
(06:38:43 AM) ecocode: and nope, there was no Session role | |
(06:39:16 AM) sena_kun: >However, it will be most convenient for use with the HTTP router if the object does the Cro::HTTP::Auth role (which is a simple marker role). | |
(06:39:17 AM) ecocode: I'm learning Perl6 and cro simultanously.. so a lot goes with trial/error | |
(06:39:26 AM) sena_kun: It is `Cro::HTTP::Auth` I believe. | |
(06:39:34 AM) ecocode: yep, figured that out ;) | |
(06:39:49 AM) ecocode: did you see my question on stackoverflow? | |
(06:40:14 AM) sena_kun: ecocode, maybe, what question? About websockets? | |
(06:40:16 AM) ecocode: I'm trying to set up session/authentication based on the documentation. but fail miserably. | |
(06:40:47 AM) ecocode: https://stackoverflow.com/questions/51451841/cro-user-session-gets-forgotten | |
(06:41:17 AM) ecocode: now I'm trying out with Cro::HTTP::Auth::Basic with even less success ;) | |
(06:41:41 AM) sena_kun: I'll look into your question now. | |
(06:42:22 AM) sena_kun: then will look into how to improve error message. | |
(06:42:35 AM) sena_kun: then goes hell debug of websockets I believe. | |
(06:44:19 AM) sena_kun: ecocode, your repo has code to reproduce the issue in SO question, right? | |
(06:44:44 AM) ecocode: yep | |
(06:45:03 AM) sena_kun: thanks, looking into it~ | |
(06:47:06 AM) jnthn: The lack of line number sounds like a Rakudo failing, fwiw | |
(06:47:20 AM) sena_kun: yeah. | |
(06:47:50 AM) sena_kun: but we can try at least say some info about route by ourselves. | |
(06:49:20 AM) jnthn: Yes, that's true | |
(06:51:35 AM) jnthn: ecocode: Just to make sure: your app isn't restarting between the two requests? | |
(06:52:04 AM) sena_kun: it's not. | |
(06:52:11 AM) sena_kun: the redirect works fine. :S | |
(06:52:27 AM) ecocode: :) | |
(06:52:55 AM) sena_kun: Ok, I know what it is. Probably. | |
(06:54:08 AM) sena_kun: issue vanishes when HTTP/1.1 is used, so... It is somewhere in http/2 stack. | |
(06:54:10 AM) sena_kun: yet again. | |
(06:54:55 AM) ecocode: I'm trying to understand role definition with []. any idea where in the docs of perl6 it is explained? | |
(06:55:24 AM) ecocode: like the role definition of Cro::HTTP::Auth::Basic | |
(06:55:35 AM) ecocode: sena_kun: ouch | |
(06:55:38 AM) sena_kun: well, do you know some other languages? | |
(06:55:51 AM) ecocode: perl5/moose :) | |
(06:56:14 AM) ***jnthn just tried the code from StackOverflow and it worked | |
(06:56:42 AM) sena_kun: jnthn, from repo? with http/2? | |
(06:56:46 AM) jnthn: No | |
(06:56:53 AM) sena_kun: well... | |
(06:57:22 AM) sena_kun: ecocode, I don't know perl5, so might be hard to explain using that. | |
(06:57:46 AM) jnthn: If it's something to do with HTTP/2.0 then passing :http<1.1> to Cro::HTTP::Server.new would help | |
(06:58:02 AM) ecocode: If I add the role Cro::HTTP::Auth::Basic[::TSession, Str $username-prop] to my class, How can I access the TSession variables? | |
(06:58:10 AM) sena_kun: ecocode, https://docs.perl6.org/language/objects#index-entry-Parameterized_Roles <- not sure how much it'll help, but here's the docs. | |
(06:58:20 AM) ecocode: thx | |
(06:58:47 AM) jnthn: The type parameters and arguments to the role work like lexicals in the cope of the role | |
(06:58:49 AM) ecocode: jnthn: I removed HTTP1.1 intentionally ;) | |
(06:58:54 AM) sena_kun: jnthn, it would help, but the bug is still here, so needs to be fixed. | |
(06:59:21 AM) ***ecocode reading docs | |
(06:59:50 AM) jnthn: sena_kun: Indeed; sounds like we should also update various of our tests to run under both HTTP/1.1 and HTTP/2.0 so we spot these things. | |
(07:00:36 AM) ***sena_kun extends this night test to have some auth parts | |
(07:01:22 AM) jnthn: Maybe neater would be to update existing auth tests | |
(07:01:41 AM) ecocode: oh. the TSession is just a parameter | |
(07:03:17 AM) jnthn: Yes | |
(07:06:02 AM) ecocode: so, with Cro::HTTP::Auth::Basic, defining a route get -> MyBasicAuth $s { ... } | |
(07:06:15 AM) ecocode: How do I print the username in the ... | |
(07:06:17 AM) ecocode: ? | |
(07:06:22 AM) sena_kun: $s.username? | |
(07:06:30 AM) sena_kun: if your `MyBasicAuth` has such method. | |
(07:07:04 AM) sena_kun: `say` or `content` depending on where you want to "print" it. | |
(07:07:28 AM) ecocode: well no, the MyBasicAuth is defined as in the | |
(07:07:31 AM) ecocode: docs. | |
(07:07:36 AM) ecocode: class MyBasicAuth does Cro::HTTP::Auth::Basic[MyUser, "username"] | |
(07:07:47 AM) ecocode: the username is in the MyUser instance | |
(07:07:55 AM) ecocode: but I can't seem to get there | |
(07:10:17 AM) sena_kun: you can write it like `get -> Cro::HTTP::Auth $session` or `get-> MyUser $session`, and then get `$session.username`. On HTTP/1.1, of course, as 2 has bug now. | |
(07:10:28 AM) sena_kun: give me a second... | |
(07:11:02 AM) sena_kun: https://github.com/croservices/cro-http/blob/master/t/http-auth-basic.t <- you can see working example here. | |
(07:11:12 AM) jnthn: ecocode: There's an example at https://cro.services/docs/http-auth-and-sessions#Basic_Authentication | |
(07:11:30 AM) jnthn: ecocode: You implement the authenticate method and the username nad password are passed to you in there | |
(07:14:59 AM) ecocode: jnthn: that's what I tried... It fails due to HTTP2. I'll try with HTTP1.1 later | |
(07:15:22 AM) ecocode: sena_kun: cool. the test files are a good addendum to the docs! | |
(07:15:54 AM) jnthn: ecocode: Yeah, sorry that we missed that in our HTTP/2.0 testing. | |
(07:15:55 AM) ***ecocode -> has to go afk to do some house cleaning :) | |
(07:16:35 AM) ecocode: jnthn: I'm glad I can help debugging :) This is a test project in a lot of senses | |
(07:16:46 AM) jnthn: :) | |
(08:11:54 AM) ecocode: I think I found an error in the docs at https://cro.services/docs/http-auth-and-sessions#Basic_Authentication | |
(08:12:33 AM) ecocode: the class definition of class MyUser should be class MyUser does Cro::HTTP::Auth | |
(08:35:36 AM) sena_kun: I'll fix it now... | |
(08:35:43 AM) sena_kun: if still not. | |
(08:35:50 AM) ***sena_kun was a bit busy with debugging | |
(08:38:11 AM) Geth: ¦ cro: a45ed4eb4f | Altai-man++ | docs/http-auth-and-sessions.md | |
(08:38:11 AM) Geth: ¦ cro: Fix typo; ecocode++ | |
(08:38:11 AM) Geth: ¦ cro: review: https://github.com/croservices/cro/commit/a45ed4eb4f | |
(10:26:08 AM) sena_kun: that's a confusing one. | |
(11:09:47 AM) sena_kun: gah. | |
(11:09:49 AM) sena_kun: found it. | |
(11:16:03 AM) sena_kun: ecocode, your example must work on master now. I'll state it on SO too now... | |
(11:16:15 AM) Geth: ¦ cro-http: 049e0cdb35 | Altai-man++ | 3 files | |
(11:16:15 AM) Geth: ¦ cro-http: Do not lowercase header fields | |
(11:16:15 AM) Geth: ¦ cro-http: | |
(11:16:15 AM) Geth: ¦ cro-http: RFC 7540 states that only header names MUST be lowercase. It fixes | |
(11:16:15 AM) Geth: ¦ cro-http: bug with random InMemory cookie name, which was very prone to contain | |
(11:16:16 AM) Geth: ¦ cro-http: some uppercase characters, because of that it could not find old | |
(11:16:16 AM) Geth: ¦ cro-http: session, as it matched lowercased and "normal" version. | |
(11:16:17 AM) Geth: ¦ cro-http: review: https://github.com/croservices/cro-http/commit/049e0cdb35 | |
(11:19:24 AM) ***sena_kun feels like the question along with answer will be deleted, with something like "It is not a bugzilla, boo, karma--". | |
(11:33:31 AM) jnthn: oops :) | |
(11:33:51 AM) jnthn: I probably shoulda spotted that when reviewing it :( | |
(11:57:28 AM) sena_kun: well, it was one of the dumbest bugs I've made. Nontheless, I am sure I can beat up my own records. To the infinity and beyond! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment