设计gem ajax post到session #create会出错

时间:2014-06-14 01:53:29

标签: javascript ruby-on-rails ruby ajax devise

尝试通过ajax进行身份验证时...使用或不使用密码

$.ajax({
  url: '/users/sign_in',
  type: 'POST',
  dataType: 'json',
  data: {
    user: {
      email: ''",
      password: ''foo"
    }
  },
  success: function(data, textStatus, xhr) {
  },
  error: function(jqXHR, textStatus, errorThrown) {
    console.log(jqXHR);
  }
});

我回来了

{"error":"You need to sign in or sign up before continuing."}

除非有电子邮件地址,否则不是回复:

{"error":"Invalid email or password."}

这是故意的吗?

2 个答案:

答案 0 :(得分:0)

查看日志,应该有一行Completed 401 Unauthorized in 1ms。您可以轻松找到答案,例如:这里Rails 3 devise 401 unauthorized ajax call

答案 1 :(得分:0)

我们遇到了类似的问题 - 我们发现问题是Devise没有很好地处理ajax响应。我们必须覆盖Devise Sessions控制器才能使其正常工作

您可以看到我们的ajax登录操作here(点击"登录"顶部链接)

-

这里是代码(Devise v3.1.0):

#app/controllers/sessions_controller.rb
class SessionsController < DeviseController
  prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
  prepend_before_filter :allow_params_authentication!, :only => :create
  prepend_before_filter { request.env["devise.skip_timeout"] = true }

  prepend_view_path 'app/views/devise'

  # GET /resource/sign_in
  def new
    self.resource = resource_class.new(sign_in_params)
    clean_up_passwords(resource)
    respond_with(resource, serialize_options(resource))
  end

  # POST /resource/sign_in
  def create
    self.resource = warden.authenticate!(auth_options)
    set_flash_message(:notice, :signed_in) if is_navigational_format?
    sign_in(resource_name, resource)

    respond_to do |format|
        format.json { render :json => {}, :status => :ok }
        format.html { respond_with resource, :location => after_sign_in_path_for(resource) } 
    end
  end

  # DELETE /resource/sign_out
  def destroy
    redirect_path = after_sign_out_path_for(resource_name)
    signed_out = (Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name))
    set_flash_message :notice, :signed_out if signed_out && is_navigational_format?

    # We actually need to hardcode this as Rails default responder doesn't
    # support returning empty response on GET request
    respond_to do |format|
      format.all { head :no_content }
      format.any(*navigational_formats) { redirect_to redirect_path }
    end
  end


  protected

  def sign_in_params
    devise_parameter_sanitizer.sanitize(:sign_in)
  end

  def serialize_options(resource)
    methods = resource_class.authentication_keys.dup
    methods = methods.keys if methods.is_a?(Hash)
    methods << :password if resource.respond_to?(:password)
    { :methods => methods, :only => [:password] }
  end

  def auth_options
    { :scope => resource_name, :recall => "#{controller_path}#new" }
  end
end

您必须覆盖路线中的会话控制器:

#config/routes.rb
devise_for :users, controllers: { sessions: "sessions" }
相关问题
最新问题