Upload an api made in Spring Boot to heroku, all the Gets methods are working correctly, but the Posts have a problem where only the first request I make works, after that it doesn't work anymore, only if I restart the application. What do I do?
Related
My team is rewriting an existing web application that has a react.js front-end and springboot backend. In addition, The original (legacy) app is written in java (tomcat 8 & struts) and that will continue to be used for some parts of the site until a later date when we will complete the rewrite. All 3 endpoints are on the same domain in the following format: react.js (mysite.mydomain.com), spring (mysiteapp.mydomain.com), and legacy (mysite.mydomain.com/old). All 3 apps are hosted on the same server, but the application urls all route through our F5, so nothing is pointing to localhost. We did this to use the same SSL certificate across the three apps. The new and legacy apps use the same database. We are trying to make cross app calls between the new and old app. When we make the cross app calls, we want the user session to be maintained between them without them having to log in twice. We have not been able to get this to work. In our latest attempt to authenticate the user to both apps simultaneously, we are using ajax to sign the user into legacy with the same credentials. We are getting the following error back from the legacy tomcat application: HTTP Status 403 Invalid CSRF token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'. The server understood the request but refuses to authorize it. We are stumped at this point and out of ideas. Code can be provided on request, but we are looking for the best approach to how to implement this and not as much locked on this path described above.
I deployed a nuxt app to heroku and when I am running it locally, the app is working fine. On the other hand in production the login / register is not working it is always says 400 bad request (there is no explaination why it is a bad request) or 401 unauthorized.
When I am running the up locally, I am pointing to the backend api and it is working fine.
But when it is run in heroku, I get the errors (400 and sometimes 401), oddly it's worked like there random times from different devices but when I logged out and retry create a user errors.
I did not change the code.
I am not sure the problem is with my code or heroku or maybe Pythonanywhere which I am using to host my backend.
It is my first time deploy python DRF as backend and nuxt as front.
My backend is in python DRF.
My front-end nuxt repo nuxt repo
My DRF code backend repo.
In the nuxt app you can see register component with function onSubmit which should register the user and then log him in.
And DRF there is an app name users_auth which has the user model as CustomUser and the Todo model.
nuxt.config.js points to the same place locally and in production.
My application has an API that I consume from my JavaScript/Vue front end. Recently, I (unrelated) tried to unsecure Valet in order to share the site to perform webhook tests. I received a Brew 'Unable to determine linked PHP' error. Long story short I restored the symlink, updated composer dependencies and resecured Valet to ensure nothing was broken.
Upon loading my application, all calls to my Laravel Passport secured API are returning 401. My unit tests are all passing, so the non-javascript authentication is working.
Both the laravel_token and the x-csrf-token are being sent in the request header and I still have CreateFreshApiToken middleware in my Kernel.php.
Has anyone got any ideas as to where I can start to look to debug this?
If you've just recently upgraded to Laravel 5.6.30, this was a security patch with breaking changes.
Read upgrade notes here.
TL;DR
Call Laravel\Passport\Passport::withoutCookieSerialization() in your AppServiceProvider
I was unable to find an answer to this but I am trying to figure out how to change the endpoint of this Spring Web Service. I know NOTHING about them and so I have copied this as an example to try. But I do not want to run this from https://localhost:8080. I would prefer to run it from anywhere but root such as https://localhost/service/healthcheck or whatever.
Any ideas?
Grails and android App -
For each request (get or post) that I send from an same android app in succession, the session id that i get in a grails controller is different. I expect the session to be the same.
Grails and Web -
if I run the similar request from web browser the session id in the controller remains the same.
Why the session id could be changing, when I call request from an android app to grails server?
Since your api works from the web browser, which is not using ajax. And your Android app is not working. Then it's likely that your browser is NOT using the rest api and your app is. Rest is by default and by implication stateless so it makes sense it's not working from Android. In short: when working properly rest shouldn't be using session ids.
The most common solution is to maintain the state in the client side and transfer it over to the server with each request. You can read more about this here.
On the Grails side, you can just ensure you've got an appropriate rest implementation, as described here.