我在我的Rails应用程序(my_engine)中使用装载引擎(my_application)中的Devise。这很有效,但仍有一个问题:如果用户试图访问受限资源(即受before_filter authenticate_user!保护的页面),Devise / Warden会生成401响应,重定向到sign_in网址。不幸的是,这个sign_in url没有以引擎的挂载路径作为前缀。
所以我的问题是,Devise用于将浏览器转发到sign_in页面的URL是错误的。
引擎的routes.rb文件是......
My_Engine::Engine.routes.draw do
devise_for :users, {
class_name: "My_Engine::User",
module: :devise,
controllers: {registrations: 'my_engine/users/registrations'}
}
devise_scope :user do
get 'users/registrations/after_sign_up/:id' => "users/registrations#after_sign_up", as: :after_sign_up
get 'users/registrations/after_confirm/:id' => "users/registrations#after_confirm", as: :after_confirm
end
end
生成的路线都可以:
Prefix Verb URI Pattern Controller#Action
my_engine /my_engine My_Engine::Engine
Routes for My_Engine::Engine:
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
user_password POST /users/password(.:format) devise/passwords#create
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
PATCH /users/password(.:format) devise/passwords#update
PUT /users/password(.:format) devise/passwords#update
cancel_user_registration GET /users/cancel(.:format) my_engine/users/registrations#cancel
user_registration POST /users(.:format) my_engine/users/registrations#create
new_user_registration GET /users/sign_up(.:format) my_engine/users/registrations#new
edit_user_registration GET /users/edit(.:format) my_engine/users/registrations#edit
PATCH /users(.:format) my_engine/users/registrations#update
PUT /users(.:format) my_engine/users/registrations#update
DELETE /users(.:format) my_engine/users/registrations#destroy
user_confirmation POST /users/confirmation(.:format) devise/confirmations#create
new_user_confirmation GET /users/confirmation/new(.:format) devise/confirmations#new
GET /users/confirmation(.:format) devise/confirmations#show
after_sign_up GET /users/registrations/after_sign_up/:id(.:format) my_engine/users/registrations#after_sign_up
after_confirm GET /users/registrations/after_confirm/:id(.:format) my_engine/users/registrations#after_confirm
现在,当我访问受保护的资源时,Devise会生成401并重定向到sign_in路径,但该网址不会以' / my_engine`为前缀。
它使用/users/sign_in,但应使用/my_engine/users/sign_in。
19:41:11 web.1 | Started GET "/my_engine/users/edit" for ::1 at 2015-03-09 19:41:11 +0100
19:41:11 web.1 | Processing by My_Engine::Users::RegistrationsController#edit as HTML
19:41:11 web.1 | Completed 401 Unauthorized in 1ms
19:41:11 web.1 |
19:41:11 web.1 |
19:41:11 web.1 | Started GET "/users/sign_in" for ::1 at 2015-03-09 19:41:11 +0100
19:41:11 web.1 |
19:41:11 web.1 | ActionController::RoutingError (No route matches [GET] "/users/sign_in"):
19:41:11 web.1 | actionpack (4.2.0) lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'
之前有没有遇到过这个?似乎在引擎中存在omniauthenticable的相关问题,但我不确定它们是否有相同的原因。
答案 0 :(得分:0)
查看Ativ的答案,这解决了我的问题。
简而言之,我必须在引擎的lib文件夹中添加一个Devise :: FailureApp,告诉Devise使用它并在启动时加载它。
有关详细信息,请参阅github。