我用未認證用戶我如何可以驗證驗證用戶除了會話控制器
我怎麼能擺脫它訪問索引了一個無限循環的所有資源?感謝
錯誤
Started GET "/sessions/new" for 127.0.0.1 at 2015-07-20 18:24:58 +0800
Processing by SessionsController#new as HTML
Redirected to http://localhost:3000/sessions/new
Filter chain halted as :verify_authenticity rendered or redirected
Completed 302 Found in 5ms (ActiveRecord: 0.0ms)
cache: [GET /sessions/new] miss
片段
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :verify_authenticity, except: [:session]
private
def verify_authenticity
redirect_to sessions_new_url unless current_user
end
end
class SessionsController < ApplicationController
skip_before_action :verify_authenticity
def new
redirect_to index_url if current_user
end
end
我相信你有'current_user'的自定義實現,你可以顯示它嗎?如果沒有通過身份驗證的用戶,請確保它返回nil或false,而不是實際的對象! –