我正在建立一个博客,我的注册工作与权限设置完美,但我无法注销用户..
这是我在登出时在控制台中看到的内容:
Started DELETE "/users/sign_out" for 127.0.0.1 at 2015-07-16 14:41:07 -0500
Processing by Devise::SessionsController#destroy as HTML
User Load (0.1ms) SELECT "users".* FROM "users" WHERE "users"."id" = ? ORDER BY "users"."id" ASC LIMIT 1 [["id", 1]]
Can't verify CSRF token authenticity
(0.0ms) begin transaction
(0.1ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 4ms (ActiveRecord: 0.2ms)
这是我的应用程序erb文件的样子:
<% if user_signed_in? %>
<div class="buttons">
<button class="button"><%= link_to "New Post", new_post_path %></button>
<button class="button"><%= link_to "Log Out", destroy_user_session_path, :method => :delete %></button>
</div>
<% end %>
我在初始化程序devise.rb文件中有库存设置
# The default HTTP method used to sign out a resource. Default is :delete.
config.sign_out_via = :delete
但出于某些原因,当我按下退出按钮时,我不会退出。
这是我的routs.rb(添加了“devise_for:users do”代码以试图让它工作):
Rails.application.routes.draw do
devise_for :users do
get '/users/sign_out' => 'devise/sessions#destroy'
end
resources :posts do
resources :comments
end
root "posts#index"
get '/about', to: 'pages#about'
end
Haaalp ....谢谢。
kb的
答案 0 :(得分:2)
问题是请求没有发送CSRF令牌。查看服务器日志的第4行:
Can't verify CSRF token authenticity
将<%= csrf_meta_tag %>放入您的网页应该有效。
答案 1 :(得分:0)
添加
<head>
<%= csrf_meta_tags %>
</head>
你只能尝试这些行:
devise_for :users
而不是这些行
devise_for :users do
get '/users/sign_out' => 'devise/sessions#destroy'
end