401 Unauthorized when trying to save a Backbone model to the Rails db

Time: 2013-02-25 22:06:55

Tags: ruby-on-rails-3 backbone.js

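I am trying to save a song (in the BBone world) to the database through Rails. When trying to save from the BBone view, I keep getting POST http://localhost:3000/songs 401 (Unauthorized). The Rails console error is below. It seems the parameters sent to Rails are duplicated across fields (a version with the data removed is below the Rails error, so you can see the nesting), but would that prevent the data from being saved and produce this error, rather than something more along the lines of "too many fields"?

As far as Unauthorized goes, that makes no sense, because the user ID is being populated. Any ideas?

Using gem 'rails-backbone'

Backbone model: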

//filename: song.js
define([
  'underscore',
  'backbone',
  'backbone/collections/components'
], function(_, Backbone, componentCollection) {
  var songModel = Backbone.Model.extend({
    paramRoot: 'song',
    defaults: {
      title: '',
      content: '',
      user: '',
      components: componentCollection
    },
    initialize: function(){
    }
  });

  return songModel;
});

Backbone view:

// Filename: views/songs/new_view
define([
  'jquery',
  'underscore',
  'backbone',
  // Pull in the Collection module from above
  'backbone/collections/songsCollection',
  // 'backbone/views/songs/a_song_view',
  'text!backbone/templates/songs/new.html',
  'app/dispatch',
  'app/state'
], function($, _, Backbone, SongsCollection, songsTemplate, dispatch, state){
  return Backbone.View.extend({
    el: $('#songs'),

    initialize: function(options){
      //......
    },

    save: function(e){
      e.preventDefault();
      e.stopPropagation();
      // Keep a reference to the view: inside the callbacks below, `this` is not the view
      var self = this;
      var JSONSong = JSON.stringify(this.model.toJSON());
      this.model.unset("errors");
      this.model.set({
        title: $('#title').val(),
        content: JSONSong,
        user: $('#user').val()
      });
      return this.collection.create(this.model.toJSON(), {
        success: function(song) {
          console.log('saved!');
          self.model = song;
          return window.location.hash = "/" + self.model.id;
        },
        error: function(song, jqXHR) {
          return self.model.set({
            errors: $.parseJSON(jqXHR.responseText)
          });
        }
      });
    },

    render: function(){
      $(this.el).html('');
      var compiledTemplate = _.template(songsTemplate, this.model.toJSON());
      $(this.el).html(compiledTemplate);
      return this;
    }
  });
});

Rails Schema:

ActiveRecord::Schema.define(:version => 20130222200403) do


  create_table "songs", :force => true do |t|
    t.string   "title"
    t.string   "content"
    t.datetime "created_at", :null => false
    t.datetime "updated_at", :null => false
    t.integer  "user_id"
  end

  create_table "users", :force => true do |t|
    t.string   "email",                  :default => "", :null => false
    t.string   "encrypted_password",     :default => "", :null => false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          :default => 0
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
  end

  add_index "users", ["email"], :name => "index_users_on_email", :unique => true
  add_index "users", ["reset_password_token"], :name => "index_users_on_reset_password_token", :unique => true

end

Rails console error:

Started POST "/songs" for 127.0.0.1 at 2013-02-25 16:45:56 -0500
Processing by SongsController#create as JSON
  Parameters: {"title"=>"1234", "content"=>"{\"title\":\"1234\",\"content\":\"{\\\"title\\\":\\\"\\\",\\\"content\\\":\\\"\\\",\\\"user\\\":\\\"\\\",\\\"components\\\":[{\\\"label\\\":\\\"Snare\\\",\\\"img\\\":\\\"snare.png\\\",\\\"mute\\\":false,\\\"sample\\\":\\\"808_sd.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Hi Hat\\\",\\\"img\\\":\\\"hihat.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"808_chh.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Kick Drum\\\",\\\"img\\\":\\\"kick.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"808_bd.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":false,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Synth\\\",\\\"img\\\":\\\"synth.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"ambass.mp3\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"}]}\",\"user\":\"1\",\"components\":[{\"label\":\"Snare\",\"img\":\"snare.png\",\"mute\":false,\"sample\":\"808_sd.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\
"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Hi Hat\",\"img\":\"hihat.png\",\"mute\":true,\"sample\":\"808_chh.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Kick Drum\",\"img\":\"kick.png\",\"mute\":true,\"sample\":\"808_bd.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":false,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Synth\",\"img\":\"synth.png\",\"mute\":true,\"sample\":\"ambass.mp3\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"}]}", "user"=>"1", "components"=>[{"label"=>"Snare", "img"=>"snare.png", "mute"=>false, "sample"=>"808_sd.m4a", "measures"=>[{"label"=>"0/4", "beats"=>[{"selected"=>false}, {"selected"=>false}, {"selected"=>false}, {"selected"=>false}], "numberOfBeats"=>0, "divisions"=>8}], "active"=>true, "signature"=>4, "representation"=>"fraction"}, {"label"=>"Hi Hat", "img"=>"hihat.png", "mute"=>true, "sample"=>"808_chh.m4a", "measures"=>[{"label"=>"0/4", "beats"=>[{"selected"=>false}, {"selected"=>false}, {"selected"=>false}, {"selected"=>false}], "numberOfBeats"=>0, "divisions"=>8}], "active"=>true, "signature"=>4, "representation"=>"fraction"}, {"label"=>"Kick Drum", "img"=>"kick.png", "mute"=>true, "sample"=>"808_bd.m4a", "measures"=>[{"label"=>"0/4", "beats"=>[{"selected"=>false}, {"selected"=>false}, {"selected"=>false}, {"selected"=>false}], "numberOfBeats"=>0, "divisions"=>8}], "active"=>false, "signature"=>4, 
"representation"=>"fraction"}, {"label"=>"Synth", "img"=>"synth.png", "mute"=>true, "sample"=>"ambass.mp3", "measures"=>[{"label"=>"0/4", "beats"=>[{"selected"=>false}, {"selected"=>false}, {"selected"=>false}, {"selected"=>false}], "numberOfBeats"=>0, "divisions"=>8}], "active"=>true, "signature"=>4, "representation"=>"fraction"}], "song"=>{"title"=>"1234", "content"=>"{\"title\":\"1234\",\"content\":\"{\\\"title\\\":\\\"\\\",\\\"content\\\":\\\"\\\",\\\"user\\\":\\\"\\\",\\\"components\\\":[{\\\"label\\\":\\\"Snare\\\",\\\"img\\\":\\\"snare.png\\\",\\\"mute\\\":false,\\\"sample\\\":\\\"808_sd.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Hi Hat\\\",\\\"img\\\":\\\"hihat.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"808_chh.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Kick 
Drum\\\",\\\"img\\\":\\\"kick.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"808_bd.m4a\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":false,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"},{\\\"label\\\":\\\"Synth\\\",\\\"img\\\":\\\"synth.png\\\",\\\"mute\\\":true,\\\"sample\\\":\\\"ambass.mp3\\\",\\\"measures\\\":[{\\\"label\\\":\\\"0/4\\\",\\\"beats\\\":[{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false},{\\\"selected\\\":false}],\\\"numberOfBeats\\\":0,\\\"divisions\\\":8}],\\\"active\\\":true,\\\"signature\\\":4,\\\"representation\\\":\\\"fraction\\\"}]}\",\"user\":\"1\",\"components\":[{\"label\":\"Snare\",\"img\":\"snare.png\",\"mute\":false,\"sample\":\"808_sd.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Hi Hat\",\"img\":\"hihat.png\",\"mute\":true,\"sample\":\"808_chh.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Kick 
Drum\",\"img\":\"kick.png\",\"mute\":true,\"sample\":\"808_bd.m4a\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":false,\"signature\":4,\"representation\":\"fraction\"},{\"label\":\"Synth\",\"img\":\"synth.png\",\"mute\":true,\"sample\":\"ambass.mp3\",\"measures\":[{\"label\":\"0/4\",\"beats\":[{\"selected\":false},{\"selected\":false},{\"selected\":false},{\"selected\":false}],\"numberOfBeats\":0,\"divisions\":8}],\"active\":true,\"signature\":4,\"representation\":\"fraction\"}]}"}}
WARNING: Can't verify CSRF token authenticity
Completed 401 Unauthorized in 1ms

Parameters with all the content removed:

Parameters: {"title"=>"1234", "content"=>"{\"title\":\"1234\",\"content\":\"{}", "user"=>"1", "components"=>[], "song"=>{"title"=>"1234", "content"=>"{}"}}

2 answers:

Answer 0: (score: 1)

I appended the CSRF param and token to the model to send to the database.

  //To pass the variable safely in from BBone to Rails 3.2, you have to include the csrf param and token
  toBeSavedSong.set($("meta[name=csrf-param]").attr('content'), $("meta[name=csrf-token]").attr('content'));

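Answer 1: (score: 0)

The CSRF token should be included in the ajax request for it to succeed.

Your solutions:

Make sure your page contains the CSRF token in the "" section. If not, it may be because you missed the tag in the application.html.erb layout file. There should be "<%= csrf_meta_tags %>" in the layout.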

<!DOCTYPE html>
<html>
<head>
  <title>Site name</title>
  <%= stylesheet_link_tag    "application", :media => "all" %>
  <%= javascript_include_tag "application" %>
  <%= csrf_meta_tags %>
</head>
<body>

<%= yield %>

</body>
</html>

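Check your jQuery (or whatever other library Backbone uses). Make sure it is up to date. I believe jQuery should include the CSRF token in Ajax requests.

If neither works for you, you can disable the CSRF token check (this is a CSRF security issue if you are building a public website). Disable it by removing this line in apps/controller/application_controller.rb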

protect_from_forgery
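
One way to send the token from the csrf_meta_tags meta tag as the X-CSRF-Token header on every Ajax call Backbone makes, so that protect_from_forgery can stay enabled. This is an added example, not code from the question or either answer; the helper names csrfHeadersFor and installCsrfHeader are hypothetical.

```javascript
// Added example. Rails skips CSRF verification for GET and HEAD, so only
// state-changing requests need the token.
var UNCHECKED_METHODS = ['GET', 'HEAD'];

// Returns the extra headers for one request.
// pageOrigin is the origin of the page (e.g. window.location.origin) and
// token is the content of <meta name="csrf-token">.
function csrfHeadersFor(method, url, pageOrigin, token) {
  var verb = String(method || 'GET').toUpperCase();
  if (UNCHECKED_METHODS.indexOf(verb) !== -1) return {};
  if (!token) return {}; // layout is missing <%= csrf_meta_tags %>
  var target;
  try {
    target = new URL(url, pageOrigin); // resolves relative URLs such as "/songs"
  } catch (e) {
    return {}; // unparsable URL: attach nothing
  }
  // Never send the token to another origin, where it could be captured.
  if (target.origin !== new URL(pageOrigin).origin) return {};
  return { 'X-CSRF-Token': token };
}

// Browser wiring: Backbone.sync goes through $.ajax, so a jQuery prefilter
// covers model.save(), collection.create() and model.destroy().
function installCsrfHeader($, win) {
  $.ajaxPrefilter(function (options, originalOptions, jqXHR) {
    var token = $('meta[name="csrf-token"]').attr('content');
    var headers = csrfHeadersFor(options.type, options.url,
                                 win.location.origin, token);
    Object.keys(headers).forEach(function (name) {
      jqXHR.setRequestHeader(name, headers[name]);
    });
  });
}
```

In the browser, call installCsrfHeader(jQuery, window) once before the first save; the token is read at request time, so a refreshed meta tag is picked up.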