我使用rack-cors将一个带有ActiveModelAdapter的ember-cli应用程序发送到Rails API。我已将两者配置为使用ember-cli-simple-auth-devise。
在本地开发中,一切都很完美。但是一旦我将ember-cli应用程序部署到Heroku,我无法验证我的登录,但能够检索其他记录。我收到以下405错误:
POST http://example.herokuapp.com/businesses/sign_in 405(不允许)
也许这与我使用Business而不是User for Devise模型的事实有关,但是我在application_controller中将User更改为Business(另外它不会在本地工作):
## /backend/app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
before_filter :authenticate_user_from_token!
private
def authenticate_user_from_token!
authenticate_with_http_token do |token, options|
user_email = options[:user_email].presence
user = user_email && Business.find_by_email(user_email)
## /\ Changed User to Business /\
if user && Devise.secure_compare(user.authentication_token, token)
sign_in user, store: false
end
end
end
end
Rack-cors配置:
## /backend/config.ru
require ::File.expand_path('../config/environment', __FILE__)
run Rails.application
require 'rack/cors'
use Rack::Cors do
# allow all origins in development
allow do
origins '*'
resource '*',
:headers => :any,
:methods => [:get, :post, :delete, :put, :options]
end
end
我已经配置了simple-auth-devise,如下所示:
// frontend/config/environment.js
ENV['simple-auth-devise'] = {
serverTokenEndpoint: 'businesses/sign_in',
resourceName: 'business',
crossOriginWhitelist: ['http://example-backend.herokuapp.com/']
};
对此的任何见解将不胜感激。
谢谢!
** 更新 ** 我把它缩小到这样一个事实:它是一个POST到example.herokuapp.com而不是我的rails后端的example-backend.herokuapp.com网址。所以我认为这与ember-cli-simple-auth有关,不使用我用heroku设置的代理,正如商店所做的那样。
答案 0 :(得分:2)
当主机不是提供Ember应用程序的主机时,您需要配置serverTokenEndpoint包括主机:
ENV['simple-auth-devise'] = {
serverTokenEndpoint: 'http://example-backend.herokuapp.com/businesses/sign_in',
resourceName: 'business',
crossOriginWhitelist: ['http://example-backend.herokuapp.com/']
};