Always receive a 502 error / 302 error after successfully signing in


#1

Hello,

I am using ruby on rails default setup on c9 : version 4.

So I am using omniauth for microsoft emails to login. I have registered my domains at microsfot (and my workspace is open for public)

I have another platform registered for my heroku deployment too.
When I deploy my ruby program to Heroku, everything works as intended -> however if I run it on c9 and attempt to log in, I get a splash screen telling me a 502 error -> and in the terminal I am told, the record (user information) is successfully stored in database, yet when it goes to redirect, I get a 302 error.

The add more complexity, I have to only let a particular sub domain actually log in, and if they are not of that sub domain, they are rejected:

class SessionsController < ApplicationController

#This method will login as the user and save the data I want in session[]
def create
    auth = request.env["omniauth.auth"]
    domain = auth['info']['email'].split('@')[1]
    if domain == "kcl.ac.uk"
        session[:omniauth] = auth.except('extra')
        user = User.sign_in_from_omniauth(auth)
        session[:user_id] = user.id
        redirect_to root_url
    else
        redirect_to root_url
    end
end

#This method will log the user out and delete any session data I have
def destroy
    session[:user_id] = nil
    session[:omniauth] = nil
    redirect_to root_path
end

end

The redirections WORKS for people who are rejected.
Here is the sign in methods for completion:

class User < ActiveRecord::Base
has_many :responses
has_many :posts
has_one :is_admin

def self.sign_in_from_omniauth(auth)
    find_by(provider: auth['provider'], uid: auth['uid']) || create_user_from_omniauth(auth)
   
end

def self.create_user_from_omniauth(auth)
    create(
        provider: auth['provider'],
        uid: auth['uid'],
        name: auth['info']['first_name'],
        last_name: auth['info']['last_name'],
        alias: auth['info']['alias'],
        email: auth['info']['email'],
        display_name: auth['info']['display_name']
    )
end
end

May I stress that this actually works on live deployment (this case Heroku). I do successfully choose the correct secret key etc.

From what I can tell this is a problem with outside in redirections? But I’m honestly not too sure. The only other thing to mention is that this worked on c9 only a few days ago, and no one on my team, myself included, has altered the login code…