rails devise 401 unauthorized for a specific page

Michael · Apr 25, 2013

I'm having trouble discerning why my app is returning a 401 Unauthorized. Other actions in my Institutions controller are working just fine while not signed in. However, this and another page are returning 401. If logged in, these pages work perfectly fine, but they shouldn't require being logged in. I have even gone so far as to empty the view and the action, but still the page is returning a 401. When debugging through Fiddler, I simply receive a 302 Redirect.

I've tried researching elsewhere and have tried the solutions from "Warden authentication recalls 401 Unauthorized" without success.

Console

Started GET "/institutions/3" for 127.0.0.1 at 2013-04-25 14:38:15 -0400
Processing by InstitutionsController#show as HTML
  Parameters: {"id"=>"3"}
  Institution Load (0.0ms)  SELECT `institutions`.* FROM `institutions` WHERE `institutions`.`id` = 3 LIMIT 1

Load data...
Load assets...

Then I submit the form; the method is set as GET.

Started GET "/visit/schedule/preview?utf8=%E2%9C%93&selected_ids=4693" for 127.0.0.1 at 2013-04-25 14:28:53 -0400
Processing by InstitutionsController#previewselectedvisits as HTML
  Parameters: {"utf8"=>"√", "selected_ids"=>"4693"}
Completed 401 Unauthorized in 0ms

Started GET "/users/sign_in" for 127.0.0.1 at 2013-04-25 14:28:53 -0400
Processing by Devise::SessionsController#new as HTML
  Rendered devise/sessions/new.html.erb within layouts/application (15.6ms)
  Rendered auth/_login.html.erb (0.0ms)
  Rendered auth/_loginmodal.html.erb (0.0ms)
  Rendered shared/_navbarout.html.erb (0.0ms)
  Rendered shared/_navbar.html.erb (0.0ms)
  Institution Load (0.0ms)  SELECT name FROM `institutions`
  Rendered search/_searchbar.html.erb (0.0ms)
  Rendered search/_searchresults.html.erb (0.0ms)
  Rendered shared/_footer.html.erb (0.0ms)
Completed 200 OK in 140ms (Views: 46.8ms | ActiveRecord: 15.6ms)

Load assets...

Relevant Routes

devise_for :users
match 'visit/schedule/preview' => 'institutions#previewselectedvisits', :as => :preview_visits, :via => :get
match "institutions/:id" => "institutions#show", :as => :show_institution

rake routes

    new_user_session GET    /users/sign_in(.:format)                             devise/sessions#new
              user_session POST   /users/sign_in(.:format)                             devise/sessions#create
      destroy_user_session DELETE /users/sign_out(.:format)                            devise/sessions#destroy
             user_password POST   /users/password(.:format)                            devise/passwords#create
         new_user_password GET    /users/password/new(.:format)                        devise/passwords#new
        edit_user_password GET    /users/password/edit(.:format)                       devise/passwords#edit
                           PUT    /users/password(.:format)                            devise/passwords#update
  cancel_user_registration GET    /users/cancel(.:format)                              devise_invitable/registrations#cancel
         user_registration POST   /users(.:format)                                     devise_invitable/registrations#create
     new_user_registration GET    /users/sign_up(.:format)                             devise_invitable/registrations#new
    edit_user_registration GET    /users/edit(.:format)                                devise_invitable/registrations#edit
                           PUT    /users(.:format)                                     devise_invitable/registrations#update
                           DELETE /users(.:format)                                     devise_invitable/registrations#destroy
         user_confirmation POST   /users/confirmation(.:format)                        devise/confirmations#create
     new_user_confirmation GET    /users/confirmation/new(.:format)                    devise/confirmations#new
                           GET    /users/confirmation(.:format)                        devise/confirmations#show
               user_unlock POST   /users/unlock(.:format)                              devise/unlocks#create
           new_user_unlock GET    /users/unlock/new(.:format)                          devise/unlocks#new
                           GET    /users/unlock(.:format)                              devise/unlocks#show
    accept_user_invitation GET    /users/invitation/accept(.:format)                   devise/invitations#edit
    remove_user_invitation GET    /users/invitation/remove(.:format)                   devise/invitations#destroy
           user_invitation POST   /users/invitation(.:format)                          devise/invitations#create
       new_user_invitation GET    /users/invitation/new(.:format)                      devise/invitations#new
                           PUT    /users/invitation(.:format)                          devise/invitations#update
            preview_visits GET    /visit/schedule/preview(.:format)                    institutions#previewselectedvisits
          show_institution        /institutions/:id(.:format)                          institutions#show
          vote_institution        /institutions/:id/vote/:visittype_id(.:format)       institutions#vote
                                  /institutions/:id/:offset(.:format)                  institutions#show
              institutions        /institutions(.:format)                              institutions#index
           schedule_visits        /schedule(.:format)                                  institutions#index
              auth_failure        /auth/failure(.:format)                              services#failure
                                  /auth/:service/:callback(.:format)                   services#create
                  services GET    /services(.:format)                                  services#index
                           POST   /services(.:format)                                  services#create
                   service DELETE /services/:id(.:format)                              services#destroy
                login_user        /users/login(.:format)                               users#login
             myvisits_user        /users/myvisits(.:format)                            users#myvisits
       email_myvisits_user        /users/myvisits/email(.:format)                      users#emailmyvisits
    remove_visit_from_user        /users/removevisit/:id/:user_id(.:format)            users#rmvisit
            addvisits_user        /users/addvisits(.:format)                           users#addvisits
          changevisit_user        /users/visits/:user_id/:visit_id/:is_going(.:format) users#toggle_user_going_on_visit
        add_family_to_user        /users/invite(.:format)                              users#addfamilymember
add_family_default_to_user        /users/profile/addfamilymemberdefault(.:format)      users#addfamilymember_default
   remove_family_from_user        /users/profile/removefamilymember(.:format)          users#rmfamilymember
       update_profile_user        /users/profile/update(.:format)                      users#update
 update_profile_other_user        /users/profile/update/:id(.:format)                  users#update
         edit_profile_user        /users/profile/edit(.:format)                        users#edit
         show_profile_user        /users/profile(.:format)                             users#show
                     users        /users(.:format)                                     users#show
                  families GET    /families(.:format)                                  families#index
                           POST   /families(.:format)                                  families#create
                new_family GET    /families/new(.:format)                              families#new
               edit_family GET    /families/:id/edit(.:format)                         families#edit
                    family GET    /families/:id(.:format)                              families#show
                           PUT    /families/:id(.:format)                              families#update
                           DELETE /families/:id(.:format)                              families#destroy
                    visits        /visits(.:format)                                    visits#index
                   company        /company(.:format)                                   company#aboutus
                       edu        /edu(.:format)                                       edu#index
                      root        /                                                    institutions#index

Gemfile

source 'https://rubygems.org'
gem 'rails', '3.2.12'
gem 'mysql2'
gem 'execjs'
group :assets do
  gem 'sass-rails',   '~> 3.2.3'
  gem 'coffee-rails', '~> 3.2.1'
  gem 'uglifier', '>= 1.0.3'
end

gem 'jquery-rails'
gem 'simple_form'

gem 'devise'
gem 'devise_invitable'
gem 'omniauth'
gem "omniauth-google-oauth2"
gem 'omniauth-linkedin-oauth2'
gem 'omniauth-facebook'

#in-place editing
gem 'best_in_place'

#email template convert to inline
gem 'roadie'

#amazon web services and images
gem 'paperclip'
gem 'aws-sdk'

Answer

Tilo · Apr 30, 2013

Check the code of your InstitutionsController and ApplicationController -- look for statements with current_user or before_filter in them:

  class InstitutionsController < ApplicationController
    # only the listed actions run the filter and require a login
    before_filter :login_required, :only => [:method1, :method2]
    # ...
  end

It could be that the method you are trying to call is listed as requiring authentication, but you are not logged in.

Can you also post an excerpt of your InstitutionsController with the preview method in it?

Another possible problem is that your route might be defined incorrectly:

  match 'visit/schedule/preview' => 'institutions#previewselectedvisits', :as => :preview_visits, :via => :get

Does the InstitutionsController really have a method called previewselectedvisits?
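
The check suggested in the answer above can be done mechanically. The following is an added example, not code from the question or the answer: it reads controller source in inheritance order and reports which before_filter callbacks still cover a given action. The controller sources are constructed for illustration (the asker's controllers are not on the page), and `filters_for` is a hypothetical helper name.

```ruby
# Added example: which before_filter callbacks still cover a given action?
# Understands Rails 3.2 `before_filter` / `skip_before_filter` with :only / :except.
FILTER_RE = /^\s*(skip_)?before_filter\s+:(\w+[!?]?)(.*)$/

# Extract action names from `:only => [:a, :b]`, `:only => :a` or `only: [...]`.
def option_actions(rest, key)
  m = rest.match(/(?::#{key}\s*=>|\b#{key}:)\s*(\[[^\]]*\]|:\w+)/)
  m && m[1].scan(/:(\w+)/).flatten
end

def applies?(rest, action)
  only = option_actions(rest, "only")
  except = option_actions(rest, "except")
  return only.include?(action) if only
  return !except.include?(action) if except
  true # no options: the filter covers every action
end

# Sources are read in inheritance order: ApplicationController first.
def filters_for(action, *sources)
  active = []
  sources.join("\n").each_line do |line|
    skip, name, rest = line.match(FILTER_RE)&.captures
    next unless name && applies?(rest, action)
    if skip then active.delete(name) else active |= [name] end
  end
  active
end

# Constructed sample sources (assumption: a filter inherited from the base class).
APPLICATION_SRC = <<~SRC
  class ApplicationController < ActionController::Base
    before_filter :authenticate_user!, :except => [:index, :show]
  end
SRC
INSTITUTIONS_SRC = <<~SRC
  class InstitutionsController < ApplicationController
    def show; end
    def previewselectedvisits; end
  end
SRC
# Same controller with the inherited filter skipped for the public action.
INSTITUTIONS_FIXED_SRC = INSTITUTIONS_SRC.sub(
  "def show", "skip_before_filter :authenticate_user!, :only => [:previewselectedvisits]\n  def show")

%w[show previewselectedvisits].each do |action|
  puts "#{action}: #{filters_for(action, APPLICATION_SRC, INSTITUTIONS_SRC).inspect}"
end
```

With the constructed sources, `show` is exempt through the inherited `:except` list while `previewselectedvisits` is still covered by `authenticate_user!`, which matches the pattern in the log of one action rendering and the other completing with 401.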