Use :unprocessable_content in generated Devise config for Rack 3.1+
#5797
Conversation
…ity in confirmations and unlocks controllers
For rack 3.1 and higher, devise config uses `:unprocessable_content` instead of `:unprocessable_entity`. For rack 3.0 and below, it continues to use `:unprocessable_entity`.
|
+1 works on my setup and tests pass |
carlosantoniodasilva
left a comment
carlosantoniodasilva
left a comment
There was a problem hiding this comment.
Thanks. I think I'll have to handle this better / somehow on responders too for a more complete fix, and the controller code / conditionals seem overly verbose tbh, for anyone looking at it, so I'll need to think about it some, but I appreciate the PR! I don't have any immediate feedback other than I'll take a better look and report back when possible.
We'll continue using `:unprocessable_entity` since Rails will transparently convert this for us for the time being.
Rack has deprecated `:unprocessable_entity` in favor of `:unprocessable_content`, but the former has been used extensively for years. Rails is now transparently converting that under the hood to avoid the warnings, but our failure app wasn't going through the same handling since it's more low level and responds to Rack directly. This introduces the Rails translation handling if available on newer versions, falling back to the Rack conversion which might emit the warning if using `:unprocessable_entity` on Rack 3.1+ To fully fix it, people can configure their `error_status` to `:unprocessable_content` on newer versions of Rack. The default for new Devise apps will also change. rack/rack#2137
carlosantoniodasilva
left a comment
carlosantoniodasilva
left a comment
There was a problem hiding this comment.
@taketo1113 thanks for your PR!
I updated it with a few tweaks, mainly translating the error code in the failure app and reverting the controller changes for now, and will get it merged soon.
| # TODO: use `error_status` when the default changes to `:unprocessable_entity`. | ||
| respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new } | ||
| # Use `error_status` when the default changes to `:unprocessable_content` (or `:unprocessable_entity`). | ||
| respond_with_navigational(resource.errors, status: (Devise.responder.error_status != :ok) ? Devise.responder.error_status : Rack::Utils::SYMBOL_TO_STATUS_CODE.key(422) ){ render :new } |
There was a problem hiding this comment.
Let's revert these controller changes and continue using :unprocessable_entity from here. I'll revisit with responders later, but for now we can rely on the fact that Rails will transparently handle it for us depending on the Rack version.
(I'm still considering making these code changes for v5, not sure it's something I want to bite just yet, as things have been working just fine for now, and there's already plenty of changes on v5 for people to upgrade... maybe in the next version)
| # Note: These might become the new default in future versions of Devise. | ||
| config.responder.error_status = :unprocessable_entity | ||
| config.responder.error_status = :unprocessable_content # for Rack 3.1 or higher | ||
| # config.responder.error_status = :unprocessable_entity # for Rack 3.0 or lower |
|
Thanks! |
4 participants
Background
In Rack v3.1.0, the symbol for HTTP status code 422 was changed from
:unprocessable_entityto:unprocessable_content.As a result, when using rack 3.2 with the following configuration in
config/initializers/devise.rb, a warning is shown on login failure:Warning message:
/path-to-app/vendor/bundle/ruby/3.4.0/gems/devise-4.9.4/lib/devise/failure_app.rb:80: warning: Status code :unprocessable_entity is deprecated and will be removed in a future version of Rack. Please use :unprocessable_content instead.This warning can be resolved by updating the config as follows:
Note that this warning continues to occur even after applying the following Rails patch:
unprocessable_{entity,content}rails/rails#53383Details
This Pull Request fixes the root cause of the warning by adjusting the generated config during
$ rails generate devise:installdepending on the rack version.With this change, newly generated Devise configs will no longer produce warnings.
( Fix #5791 )
For rack 3.1 and higher, this change uses
:unprocessable_contentinstead of:unprocessable_entity.For rack 3.0 and below, it continues to use
:unprocessable_entity.Additional information
DeviseController: Error Status
Controllers under
app/controllers/devisehave also been updated to return the status defined inconfig.responder.error_statuswhen handling errors.If
config.responder.error_statusremains at its default value (:ok), the status falls back to the rack version::unprocessable_contentfor rack 3.1+:unprocessable_entityfor rack 3.0 and belowSymbol selection between
:unprocessable_entityand:unprocessable_contentThe symbol selection between
:unprocessable_entityand:unprocessable_contentis determined by Rack:The behavior of
Rack::Utils::SYMBOL_TO_STATUS_CODE.key(422)depends on the Rack version:The code for
Rack::Utils::SYMBOL_TO_STATUS_CODEcan be found here:https://github.com/rack/rack/blob/v3.2.1/lib/rack/utils.rb#L564-L566
https://github.com/rack/rack/blob/2.0.0/lib/rack/utils.rb#L581-L583