设计密码重置失败

Question

My Ruby on Rails application is using Devise to manage it's user logins etc..

I am currently having issues with the password reset feature. I have got it working perfectly fine on our local environment, but on the production server (on Heroku) it is failing.

A user can reset their password if they forget it, and the system is sending out the emails with the link to click to reset their password.

Once this link is clicked, they are successfully brought to the site and asked to enter in their new password and then confirm it. The problem is once they save this password, the application fails with the standard "Application Error - An error occurred in the application and your page could not be loaded"

Looking at the heroku logs I can see the following

2014-05-30T12:38:15.373355+00:00 app[web.1]: Started PUT "/users/password" for xx.xxx.xxx.xxx at 2014-05-30 12:38:15 +0000
2014-05-30T12:38:15.377511+00:00 app[web.1]: Processing by Devise::PasswordsController#update as HTML
2014-05-30T12:38:15.377577+00:00 app[web.1]:   Parameters: {"utf8"=>"???", "authenticity_token"=>"3NjJhk3HcIgIkWy8hlmizOVTX5Wx3N9RgHmxwK5Evrg=", "user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Change my password"}
2014-05-30T12:38:31.727191+00:00 app[web.1]: E, [2014-05-30T12:38:31.726292 #2] ERROR -- : worker=0 PID:5 timeout (16s > 15s), killing
2014-05-30T12:38:31.797612+00:00 app[web.1]: E, [2014-05-30T12:38:31.797478 #2] ERROR -- : reaped #<Process::Status: pid 5 SIGKILL (signal
9)> worker=0
2014-05-30T12:38:31.800988+00:00 heroku[router]: at=error code=H13 desc="Connection closed without response" method=POST path=/users/password host=horsepip.com request_id=27d37c84-544f-4fe5-a12d-a7384dfb60c5 fwd="xx.xxx.xxx.xxx" dyno=web.1 connect=1ms service=16425ms status=503 bytes=0
2014-05-30T12:38:31.986995+00:00 heroku[router]: at=info method=GET path=/favicon.ico host=horsepip.com request_id=91e0f2a7-284a-4c85-a9e2-af3d404f1151 fwd="xx.xxx.xxx.xxx" dyno=web.1 connect=0ms service=2ms status=200 bytes=196
2014-05-30T12:38:32.312878+00:00 app[web.1]: I, [2014-05-30T12:38:32.312200 #1109]  INFO -- : worker=0 ready

What I can make out is that the servers worker is crashing, and looking up some of these errors I see they can be related to the Unicorn Gem (which we are using)

We are on the basic Heroku package at the moment as our production server does not have very many people using at the moment, but surely a simple password reset couldn't crash a worker?

I have tried changing a users password via a settings page whereby the user enters their current password, and then a new one, this saves fine without any issues.

Has anyone else ever had any issues with this?

Update With Logs in Debug mode

2014-05-30T13:30:29.393026+00:00 app[web.1]: Processing by Devise::PasswordsController#update as HTML
2014-05-30T13:30:29.393096+00:00 app[web.1]:   Parameters: {"utf8"=>"???", "authenticity_token"=>"oj1WtMp7zU+5MRiCjdk47NeEwJYyZkB7w+FcTvgD1ik=", "user"=>{"reset_password_token"=>"[FILTERED]", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"}, "commit"=>"Change my password"}
2014-05-30T13:30:29.389774+00:00 app[web.1]: Started PUT "/users/password" for xx.xxx.xx.xxx  at 2014-05-30 13:30:29 +0000
2014-05-30T13:30:30.045362+00:00 app[web.1]:   ←[1m←[36mUser Load (2.4ms)←[0m  ←[1mSELECT  "users".* FROM "users"  WHERE "users"."reset_password_token" = '0da2c26faa8c7a6a2935abf55b857590fdfc4b8bbb8ee90bfd5ad35c04f9e3ae'  ORDER BY "users"."id" ASC LIMIT 1←[0m
2014-05-30T13:30:30.136894+00:00 app[web.1]:   ←[1m←[36mSQL (1.7ms)←[0m  ←[1mUPDATE "users" SET "encrypted_password" = $1, "reset_password_sent_at" = $2, "reset_password_token" = $3, "updated_at" = $4 WHERE "users"."id" = 1←[0m  [["encrypted_password", "$2a$10$d2zQ6yuEb17QK2WtHmRk/ufQRhun1RO2ILJ16NJkL90T2JzbxciAq"], ["reset_password_sent_at", nil], ["reset_password_token", nil], ["updated_at", "2014-05-30 13:30:30.130959"]]
2014-05-30T13:30:30.130271+00:00 app[web.1]:   ←[1m←[35m (1.4ms)←[0m  BEGIN
2014-05-30T13:30:39.112542+00:00 app[web.1]:   ←[1m←[35m (6.9ms)←[0m  COMMIT
2014-05-30T13:30:39.159501+00:00 app[web.1]:   ←[1m←[35mSQL (5.3ms)←[0m  UPDATE "users" SET "current_sign_in_at" = $1, "last_sign_in_at" = $2, "reset_password_token" = $3, "sign_in_count" = $4, "updated_at" = $5 WHERE "users"."id" = 1  [["current_sign_in_at", "2014-05-30 13:30:39.133511"], ["last_sign_in_at", "2014-05-30 12:39:44.631269"], ["reset_password_token", "rZPXQ3r8D2easJmjzBox"], ["sign_in_count", 19], ["updated_at", "2014-05-30 13:30:39.147892"]]
2014-05-30T13:30:39.145115+00:00 app[web.1]:   ←[1m←[36m (5.0ms)←[0m  ←[1mBEGIN←[0m
2014-05-30T13:30:45.857557+00:00 app[web.1]: E, [2014-05-30T13:30:45.857376 #2] ERROR -- : worker=1 PID:8 timeout (16s > 15s), killing
2014-05-30T13:30:45.983703+00:00 app[web.1]: I, [2014-05-30T13:30:45.983379 #310]  INFO -- : worker=1 ready
2014-05-30T13:30:45.915630+00:00 app[web.1]: E, [2014-05-30T13:30:45.915530 #2] ERROR -- : reaped #<Process::Status: pid 8 SIGKILL (signal 9)> worker=1
2014-05-30T13:30:45.917905+00:00 heroku[router]: at=error code=H13 desc="Connection closed without response" method=POST path=/users/password host=xxxxx.com request_id=d7fb6561-950a-4dcb-8852-52c259985c99 fwd="78.16.33.137" dyno=web.1 connect=0ms service=16526ms status=503 bytes=0

Answer 1

Found out in the end that we had an intensive cropping of images set to take place each time a users profile was updated. Updating the password triggered the cropping of these images and caused the workers to fail