如何通过API验证Rails和Devise?

时间:2017-01-11 14:48:20

标签: ruby-on-rails devise

我使用gem Devise进行用户注册和身份验证。当我使用网络界面时,一切顺利。但我想通过api认证。所以,我提出了一个请求并收到错误

#request
curl -H 'Content-Type: application/json' -H 'Accept: application/json' -X POST http://localhost:3000/users/sign_in -d '{"user" : { "email" : "admin@mail.ru", "password" : "r465ee"}}'

#error
Started POST "/users/sign_in" for ::1 at 2017-01-11 17:43:57 +0300
Processing by Devise::SessionsController#create as JSON
  Parameters: {"user"=>{"email"=>"admin@mail.ru", "password"=>"[FILTERED]"}, "session"=>{"user"=>{"email"=>"admin@mail.ru", "password"=>"[FILTERED]"}}}
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 2ms (ActiveRecord: 0.0ms)



ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):

然后我更改了 application_controller.rb ,但它没有帮助。

class ApplicationController < ActionController::Base
  protect_from_forgery with: :null_session, if: ->{request.format.json?}
end

1 个答案:

答案 0 :(得分:0)

尝试

protect_from_forgery with: :null_session, if: Proc.new { |c| c.request.format == 'application/json' }
相关问题
最新问题