我的Devise宝石目前有问题。问题是每次用户想要登录时都会显示以下错误:
登录名或密码无效。
但我确信登录名和密码是正确的。用户可以注册,注销和更新帐户详细信息。例如,更改密码或电子邮件地址可以正常工作。
我已将firstname,lastname添加到设计注册视图中,但我认为此功能不会导致此错误,对吧?
我正在使用Ruby on Rails 4.1.8。
请查看我的代码:
节/ new.html.erb:
<div class="panel panel-default">
<div class="panel-heading">
<h4><%= t('.sign_in', :default => "Sign in") %></h4>
</div>
<div class="panel-body">
<%= form_for(resource, as: resource_name, url: session_path(resource_name), html: { role: "form" }) do |f| %>
<div class="form-group">
<%= f.label :email %>
<%= f.email_field :email, autofocus: true, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password %>
<%= f.password_field :password, autocomplete: "off", class: "form-control" %>
</div>
<% if devise_mapping.rememberable? %>
<div class="checkbox">
<label>
<%= f.check_box :remember_me %>
<%= f.label :remember_me %>
</label>
</div>
<% end %>
<%= f.submit t('.sign_in', :default => "Sign in"), class: "btn btn-primary" %>
<% end %>
</div>
</div>
<%= render "devise/shared/links" %>
注册/ new.html.erb:
<%= bootstrap_devise_error_messages! %>
<div class="panel panel-default">
<div class="panel-heading">
<h4><%= t('.sign_up', :default => "Sign up") %></h4>
</div>
<div class="panel-body">
<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), html: { role: "form" }) do |f| %>
<div class="form-group">
<%= f.label :first_name %>
<%= f.text_field :first_name, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :last_name %>
<%= f.text_field :last_name, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :email %>
<%= f.email_field :email, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password %><br />
<%= f.password_field :password, class: "form-control" %>
</div>
<div class="form-group">
<%= f.label :password_confirmation %>
<%= f.password_field :password_confirmation, class: "form-control" %>
</div>
<%= f.submit t('.sign_up', :default => "Sign up"), class: "btn btn-primary" %>
<% end %>
</div>
</div>
<%= render "devise/shared/links" %>
模型/ user.rb:
class User < ActiveRecord::Base
attr_accessor :login
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :authentication_keys => [:login]
# Virtual attribute for authenticating by either username or email
# This is in addition to a real persisted field like 'username'
end
控制器/ application_controller.rb:
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
# before_action :authenticate_user!
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :first_name, :last_name) }
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:username, :email, :password, :password_confirmation, :current_password, :first_name, :last_name) }
end
修改
Webrick服务器日志:
Started GET "/users/sign_in" for 127.0.0.1 at 2015-02-20 18:35:56 +0100
Processing by Devise::SessionsController#new as HTML
Rendered devise/shared/_links.erb (1.5ms)
Rendered devise/sessions/new.html.erb within layouts/application (310.6ms)
Completed 200 OK in 682ms (Views: 650.4ms | ActiveRecord: 4.7ms)
Started POST "/users/sign_in" for 127.0.0.1 at 2015-02-20 18:36:07 +0100
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ehQeHIwX+5C+7zRbr/VIi3LA8bVidzgwIiJc1uHrqj4=", "user"=>{"email"=>"123@web.de", "password"=>"12345678", "remember_me"=>"0"}, "commit"=>"Sign in"}
Completed 401 Unauthorized in 1ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ehQeHIwX+5C+7zRbr/VIi3LA8bVidzgwIiJc1uHrqj4=", "user"=>{"email"=>"123@web.de", "password"=>"12345678", "remember_me"=>"0"}, "commit"=>"Sign in"}
Unpermitted parameters: email
Rendered devise/shared/_links.erb (0.6ms)
Rendered devise/sessions/new.html.erb within layouts/application (6.7ms)
Completed 200 OK in 548ms (Views: 439.7ms | ActiveRecord: 0.0ms)
答案 0 :(得分:0)
您不需要这一行:
devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
因为您不需要为sign_in将这些属性列入白名单,仅适用于sign_up。 同时修改此行
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation, :first_name, :last_name) }
到
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit( :first_name, :last_name) }
您只需要新添加的属性。