这是一个Rails应用程序,我已在控制器上实现了truentiction,但有1个视图除外
before_filter :authenticate, except: [:new]
身份验证在控制器中运行良好。
允许公开查看.............
localhost:3000/softruns/new
并且 NOT 允许公开查看.............
localhost:3000/softrunss/1/edit
localhost:3000/softruns <---- index page
问题是当用户提交localhost:3000 / softruns / new中的表单时,它会触发身份验证。 我成功提交后,甚至将用户重定向到home / index.html页面。
我可能缺少什么?
这是我的softruns_controller.rb
require 'digest/sha2'
class SoftrunsController < ApplicationController
before_filter :authenticate, except: [:new]
before_action :set_softrun, only: [:show, :edit, :update, :destroy]
# GET /softruns
# GET /softruns.json
def index
@softruns = Softrun.all
end
# GET /softruns/1
# GET /softruns/1.json
def show
end
# GET /softruns/new
def new
@softrun = Softrun.new
end
# GET /softruns/1/edit
def edit
end
# POST /softruns
# POST /softruns.json
def create
@softrun = Softrun.new(softrun_params)
respond_to do |format|
if @softrun.save
format.html { redirect_to root_path, notice: 'Softrun was successfully created.' }
format.json { render action: 'show', status: :created, location: @softrun }
else
format.html { render action: 'new' }
format.json { render json: @softrun.errors, status: :unprocessable_entity }
end
end
end
# PATCH/PUT /softruns/1
# PATCH/PUT /softruns/1.json
def update
respond_to do |format|
if @softrun.update(softrun_params)
format.html { redirect_to @softrun, notice: 'Softrun was successfully updated.' }
format.json { head :no_content }
else
format.html { render action: 'edit' }
format.json { render json: @softrun.errors, status: :unprocessable_entity }
end
end
end
# DELETE /softruns/1
# DELETE /softruns/1.json
def destroy
@softrun.destroy
respond_to do |format|
format.html { redirect_to softruns_url }
format.json { head :no_content }
end
end
private
# Use callbacks to share common setup or constraints between actions.
def set_softrun
@softrun = Softrun.find(params[:id])
end
# Never trust parameters from the scary internet, only allow the white list through.
def softrun_params
params.require(:softrun).permit(:soft_email, :soft_twitter, :prim_session)
end
private
def authenticate
userhash = { }
User.all.each do |user|
userhash.store(user.username, user.password)
end
authenticate_or_request_with_http_digest("localhost") do |username|
userhash[username]
end
end
end
答案 0 :(得分:0)
当用户提交表单时,它将调用action create并且需要进行身份验证,因此失败。如果您在例外列表中添加此项,则可以根据需要创建新记录。
before_filter :authenticate, except: [:new, :create]
更多,before_action和before_filter是相同的(Rails 4首选) 在Rails中,您不必在每个私有方法上使用私有。类中私有的所有内容都是私有的