实际上我正在使用巫术进行身份验证,具体如下:
当我点击激活链接时,我收到以下错误:
ActiveRecord::RecordNotFound in UsersController#activate
Couldn't find User with id=pJycxPPmoBQw9D2mfW6W
users_controllers.rb
#cancan
before_filter :require_login, :except => [:not_authenticated, :new, :create, :activate]
load_and_authorize_resource
skip_authorization_check :only => [:new, :create, :activate]
skip_authorize_resource :only => [:new, :create, :activate]
#activate方法
def activate
if (@user = User.load_from_activation_token(params[:id]))
@user.activate!
redirect_to(login_path, :notice => 'Your account is activated.')
else
not_authenticated
end
end
生成令牌
def generate_token(column)
begin
self[column] = SecureRandom.urlsafe_base64
end while User.exists?(column => self[column])
end
load_from_activation_token
def load_from_activation_token(token)
token_attr_name = @sorcery_config.activation_token_attribute_name
token_expiration_date_attr = @sorcery_config.activation_token_expires_at_attribute_name
load_from_token(token, token_attr_name, token_expiration_date_attr)
end
我可以帮忙吗?
答案 0 :(得分:2)
啊哈,我认为问题在于:
load_and_authorize_resource
显然,params[:id]请求的#activate不是用户ID,而是令牌。 Cancan尝试使用此加载用户并且(预期)失败。您也需要跳过此操作的加载(与您已经跳过授权的方式类似)。
skip_load_and_authorize_resource :only => [:new, :create, :activate]