Problem at SignIn in heroku


#1

I am building an app based on the “Silhouette Seed template” example for authentication. It uses Postgres for persistence and works well in dev mode. When deploying in Heroku, is failing at Sign In. Credential authentication seems to be working. No error message is delivered at this step but clearing of (email, password) data and not moving to the home page but remaining in the sign in html.
I am using this template as provided, adding/modifying DAOS for Postgres and neglecting all social authentication as not needed.
Will be happy to provide any extra information you may require
Thank you for your help

German Obando


#2

Hi,

for me it’s not really clear which authentication method isn’t working for you. Credentials or Social authentication?

Best regards,
Christian


#3

Christian, thanks for reaching out

This is a credentials authentication. Is necessary to add any extra settings (silhouette.conf) or made changes to the base or silhouette modules for this app to work well after deployment in Heroku ?

I modified UserDAOImpl and add PasswordInfoDAO classes to allow for postgres persistence

Best regards and thank you for your help

Germán

Note: you may try to reproduce the error by following deploy directions in https://github.com/mohiva/play-silhouette-seed


#4

I am using silhouette too for my authentication in Play+Scala webapp. Though I haven’t deployed it to Heroku but it should not matter as long as your implementation is correct. Mine is deployed to AWS cloud and it’s a production app. If you can provide more details that would help. Can you tell where exactly it is failing ? I mean after authtentication is successful against the DB (creds verified) what is your Scala code doing and what it is returning back to the client ?


#5

App is based on https://github.com/mohiva/play-silhouette-seed template that takes the user to a home page upon successful login. App is working well in dev mode.
When deployed in Heroku it is authenticating against postgres. Produces an “invalid credentials” error when trying to sign in with a wrong username or password but remains in the sign in page without navigating to the home page and clearing the input data when using a valid username and password.
Same error is produced when following Heroku deploying instructions in the https://github.com/mohiva/play-silhouette-seed example.
Wonder if some setting is necessary for production in Heroku.
Thank you for your help


#6

Hi,

I’ve really no idea what could cause your issue. Have you tried the following things:

  • Enable debug logging
  • Check cookies
  • Check network console in your browser to see what exactly happens (Headers, Cookies, Redirects)
  • Check if the correct config is loaded
  • Check if the play.http.secret.key is set to a random value

Best regards,
Christian


#7

Hi,
I went to the Silhouette seed template outlined in the examples of Silhouette documentation from which my app is based, and found the following differences between the local execution that works and the Heroku deployment which is not:
• Embedding the authenticator in the request handler’s response and redirecting to the home index page executing silhouette.env.authenticatorService.embed (v, result) method in the Submit method of SignIncontroller works fine for local but fails to navigate to the home page in Heroku

• This above situation in Heroku triggers the onNotAuthenticated method in the CustomSecuredErrorHandler class

• http protocol is used in Local while https in Heroku

Also, this same problem arises when deploying this original example through the Deploy button provided in the GitHub Silhouette seed template

What could explain this situation ?

Thanks
Germán


#8

Did you follow my instructions from the last post?


#9

No. I found the problem in the seed. The example provided in Silhouette seed template example in the documentation presents the same error. The Heroku deployment through the deploy button leads to the exact same problem.


#10

Please could you post your Play config you are using on Heroku? What are the values you are entering for PLAY_CONF_FILE and PLAY_APP_SECRET when deploying the seed to Heroku?


#11

Heroku Config vars for play_silhouette_seed_master:

PLAY_CONF_FILE:
application.prod.conf
PLAY_APP_SECRET:
czSWbcM_/0IproMzVL[1rKDFEK:wKVaEHPVkSGamgl<VZa1twDG/]dEWx^;Qu=:=

Thanks
Germán


#12

OK, this seems good. Have you configured a mail server for the seed template?


#13

No. I do not change a single piece of code in the seed. I go to Heroku’s seed logs to get the activation link. You may reproduce the error by executing the “Deploy to Heroku” button and supplying the configuration variables requested in the example
Thanks


#14

The running example linked in the repository is deployed to Heroku. There was an issue with sending mails in production, because the value mock = true was not overridden. I’ve changed that and deployed the app again. Now it will send emails instead of printing it to the console.

So if you register on this application, you can see that the the login works as expected.

https://play-silhouette-seed.herokuapp.com


#15

Also, if you deploy the seed template unchanged to Heroku it cannot work, because the domain name is hard coded in the config, therefore the authentication cannot work. Because the cookie domain will be set with the wrong value.


#16

imagen

The domain name in the cookie is fine as shown by the browser’s network console. I have also configured and tested the mail server. However, the authenticator is never reached. In addition to the configuration of variables in Heroku and the mail server in application.conf.prod, what modifications should be made to the seed template code ?

Thanks


#17

Christian, the application is working now. Configure the authenticator.cookie.Domain to its correct value.
Thank you very much for your generous help

Best Regards
German


#18

Cool, that it works now :+1: