I recently upgraded the ruby version of my rails app to 2.6 and I am facing an error with devise.
When authenticating with warden the last_request_at value is passed as string.
warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#failure")
Due to which I am facing an argument out of range error.
Here is the value to last_request_at which is getting passed to warden
"warden.user.user.session" => {"last_request_at" => "1677703463"}
The time should be integer instead of string.
Below is the code in devise gem that is causing the error, found in
devise/lib/devise/hooks/timeoutable.rb:
if last_request_at.is_a? Integer
last_request_at = Time.at(last_request_at).utc
elsif last_request_at.is_a? String
last_request_at = Time.parse(last_request_at)
end
Time.parse is not able to parse a string but it works when the value is integer.
Is there any way to make sure the last_request_at value is passed an integer instead of a string?
I faced the same issue and in my case it was because of older cookie_store.rb file, the older cookie_store appends the action_dispach cookie into params and than it gets converted to string along with the request.
Update your cookie_store.rb file from here -
For rails 5.2 - https://github.com/rails/rails/blob/5-2-stable/actionpack/lib/action_dispatch/middleware/session/cookie_store.rb