Rails Couldn't find user with auth_token

Question

I have just started to get a rather strange issue with my rails 3.2.18 app

I am using authentication with cookies as described on Railscasts. For the past year (until I upgraded to 3.2.18) all has been well.

However I now have the following issue. I can log on successfully, and navigate to a few pages. However, after an undetermined number of page clicks I get a 500 internal page error. In my production log I see the following error (I have changed the actual token code)

ActiveRecord::RecordNotFound (Couldn't find User with auth_token = XXXXXXXXXXXXXX):
  app/controllers/application_controller.rb:28:in `current_user'

When I look at the database entry for that user I see a correct auth_token entry. The line of code that is being referenced in the application controller is

@current_user ||= User.find_by_auth_token!(cookies[:auth_token]) if cookies[:auth_token]

So yes, need to replce this witth a where rather than find_by statement for things to woork in Rails 4, but this, I don't think, should be causing the issue, it is also odd that the inital authentication and then a few pages clicks work, and then it doesn't work.

To be able to login in again I have to shutdown the browser session (I have the same on firefox, safari, and IE) and then restart and I can login for a period of time.

In addition I do not get this issue in development, only in production

Answer 1

Well in the end I changed the find_by query to a where query as follows

Original

@current_user ||= User.find_by_auth_token!(cookies[:auth_token]) if cookies[:auth_token]

New

@current_user ||= User.where("auth_token =?", cookies[:auth_token]).first if cookies[:auth_token]

And this seems to have resolved things. I thought that find_by was depricated in Rails 4, but obviously something was not totally happy.