1. 首頁
  2. 問答
  3. Devise Rails 3.2.22 remember_user_token not set

Devise Rails 3.2.22 remember_user_token not set

2016-03-03 64 views
0

我試圖用devise 3.5.2和rails 3.2.22來管理一些奇怪的問題。Devise Rails 3.2.22 remember_user_token not set

問題是devise沒有設置remember_user_token cookie。 我的應用程序是一個API,所以我有sessions_controller重寫。

def create 
    # build_resource 
    resource = User.find_for_database_authentication(email: params[:email]) 
    return invalid_login_attempt(email: t('api.errors.email.user_not_exists', email: params[:email])) unless resource 

    unless resource.active_for_authentication? 
    render json: { success: false }.merge(errors: t('api.errors.email.inactive')), status: :ok 
    return 
    end 

    if resource.is_deleted 
    render json: { success: false }.merge(errors: t('api.errors.email.deleted')), status: :ok 
    return 
    end 

    if resource.valid_password?(params[:password]) 
    sign_in("user", resource) 
    resource.enable_beta unless resource.beta_enabled? 
    render json: { success: true }.merge(user: resource.as_json(user: resource)), status: :ok 
    return 
    end 
    invalid_login_attempt(password: t('api.errors.email.wrong_password')) 
end

這裏是我的用戶模型(設計部分)

# Extensions 
devise :database_authenticatable, :registerable, :confirmable, 
    :recoverable, :rememberable, :trackable, :validatable, :lastseenable

登錄工作就像一個魅力,但reme​​mber_user_token餅乾未設置。

Started POST "/api/v1/users/sign_in" for 127.0.0.1 at 2016-03-03 16:09:23 +0600 
Processing by API::V1::SessionsController#create as JSON 
Parameters: {"email"=>"[email protected]", "password"=>"[FILTERED]", "remember_me"=>true, "session"=>{"email"=>"[email protected]", "password"=>" [FILTERED]", "remember_me"=>true}} 
User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."is_deleted" = 'f' AND "users"."email" = '[email protected]' LIMIT 1 
(0.2ms) BEGIN 
(0.5ms) UPDATE "users" SET "last_sign_in_at" = '2016-03-03 10:06:43.642950', "current_sign_in_at" = '2016-03-03 10:09:23.152373', "sign_in_count" = 179, "updated_at" = '2016-03-03 10:09:23.154418', "users_for_mentions" = '--- 
- ''no'' 
' WHERE "users"."id" = 300 
Tag Load (0.4ms) SELECT "tags".* FROM "tags" WHERE "tags"."host_id" = 300 AND "tags"."host_type" = 'User' LIMIT 1 
(0.5ms) COMMIT 
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1 [["id", 300]] 
City Load (0.3ms) SELECT "cities".* FROM "cities" WHERE "cities"."id" = 3 LIMIT 1 
Completed 200 OK in 2515.4ms (Views: 8.7ms | ActiveRecord: 4.4ms | Sphinx: 0.0ms)

cookie browser 我也試圖用手來設置cookie的:

cookies["remember_user_token"] = { 
    value: user.class.serialize_into_cookie(user.reload), 
    expires: 3.year.from_now, 
    domain: RAILS_DOMAIN 
    }

,但沒有運氣了。似乎有些東西可以防止cookie設置。你能分享你的想法嗎?

在此先感謝。

來源

2016-03-03 retgoat

回答

0

答案是致命的簡單,在GitHub上的設計源代碼解釋

module Devise 
    module Controllers 
    # A module that may be optionally included in a controller in order 
    # to provide remember me behavior. Useful when signing in is done 
    # through a callback, like in OmniAuth.

所以,我需要做的是包括適當的模塊,在我的控制器,並添加方法兩行

module API::V1 
    class SessionsController < Devise::SessionsController 
    include Devise::Controllers::Rememberable 
    prepend_before_filter :require_no_authentication, only: [:create] 

    include Corsable 

    ... 

    def create 
    # build_resource 
    resource = User.find_for_database_authentication(email: params[:email]) 
    return invalid_login_attempt(email: t('api.errors.email.user_not_exists', email: params[:email])) unless resource 

    unless resource.active_for_authentication? 
     render json: { success: false }.merge(errors: t('api.errors.email.inactive')), status: :ok 
     return 
    end 

    if resource.is_deleted 
     render json: { success: false }.merge(errors: t('api.errors.email.deleted')), status: :ok 
     return 
    end 

    if resource.valid_password?(params[:password]) 
     sign_in(resource) 
     remember_me(resource) if params["remember_me"].present? 
     resource.enable_beta unless resource.beta_enabled? 
     render json: { success: true }.merge(user: resource.as_json(user: resource)), status: :ok 
     return 
    end 
    invalid_login_attempt(password: t('api.errors.email.wrong_password')) 
    end 

    def destroy 
    forget_me(current_user) 
    sign_out(resource_name) 
    respond_to do |format| 
     format.json { render json: '', status: :no_content } 
    end 
    end 
end

來源

2016-03-10 09:50:57 retgoat

相關問題

 相關問題