-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Accept Rails 7.0.0 #204
Accept Rails 7.0.0 #204
Conversation
Thank you! |
Looks like Rails 7.0 requires Ruby 2.7 and above. |
I get an error when using devise-two-factor and upgrading an app to Rails 7.0. I tried with the version from this PR and the error persists.
This eventually comes from
I don't know what the solution is from here, but the |
As long as encrypts :otp_secret
devise :two_factor_authenticatable, ... After that, I upgraded to Rails 7 with this PR and rewrite lockbox_encrypts :otp_secret
devise :two_factor_authenticatable, ... It worked correctly. You need to take steps before upgrading to rails 7, I propose decoupling |
Hello everyone, Any update concerning this issue ? |
I haven't got back to upgrading that site yet due to a vacation over Xmas/NY. I'm hoping I'll have another chance this weekend and will let you know. |
Thanks for the update @andyjeffries. I will try out the changes of this issue and see if there is something else that comes up. :) Have a nice week! |
I get this error as well after going to Rails 7. It is the only thing keeping me from upgrading fully. Is there any ETA for a fix or what can any of us do to help? |
I installed the lockbox gem and added the lockbox_encrypts :otp_secret I can login as a user without 2fa enabled of course but I can't login with a user that has 2fa enabled and can't enable 2fa for a user. |
I actually ended up using the branch from cybersecuricy here #192 and it works perfectly. |
Agree, that one works perfectly for me too. Thanks @jason-hobbs |
Just checking in on what the next steps are here. This is one of the gems holding me back from upgrading to Rails 7. |
I also tested @cybersecuricy's approach. Seems to work just fine after migrating |
For now add the gem like this:
And then |
@bsedat Does this look good to merge? |
@bsedat Thank you. Could we add a version tag as well? |
I don't know about anyone else, but seeing that this was merged, I switched back to the mainline version so that I can get 4.0.1 to fix CVE-2021-43177 on Rails 7.0.2.3, but it now breaks again for me. If I run
If I switch back to cybersecuricy's branch it works fine (but my CI run fails due to the CVE). So it looks like there's some fix on their branch that still isn't merged here. |
No description provided.