Rails 4 Devise sign_in not working

Date: 2015-09-17 15:34:00

Tags: ruby-on-rails-4 devise

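I am using Rails 4 with Devise 3.5.2 to set up my project. Everything was working fine. Then I started working on applying a Bootstrap theme. After I finished the sign_in page, I realized that logging in no longer works. I can't figure out what changed.

When I try to log in, I am not redirected to the application; instead I get the "sign in" page again. It is as if no login took place at all.

Here is the view app/views/users/sessions/new.html.erb: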

<!-- === BEGIN CONTENT === -->
<div id="content">
  <div class="container">
    <div class="row margin-vert-30">
      <!-- Login Box -->
      <div class="col-md-6 col-md-offset-3 col-sm-offset-3">
        <form class="login-page">
          <div class="login-header margin-bottom-30">
            <h2>Login to your account</h2>
          </div>
          <%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
            <%= f.email_field :email, prepend: '<i class="fa fa-user"></i>'.html_safe %>
            <%= f.password_field :password, prepend: '<i class="fa fa-lock"></i>'.html_safe %>
            <div class="row">
              <div class="col-md-6">
                <% if devise_mapping.rememberable? -%>
                  <%= f.check_box :remember_me %>
                <% end %>
              </div>
              <div class="col-md-6">
                <%= f.submit "Log in", class: "btn btn-primary pull-right" %>
              </div>
              <%= f.alert_message "Please fix the errors below." %>
            </div>
          <% end %>
          <hr>
          <h4>Forget your Password ?</h4>
          <p>
          <a href="#">Click here</a> to reset your password.</p>
        </form>
      </div>
      <!-- End Login Box -->
    </div>
  </div>
</div>

My controller for users is fairly simple:

class UsersController < ApplicationController
  include UsersHelper

  before_action :set_user, only: [:show, :edit, :update, :destroy]
  before_action :authenticate_user!

  # GET /users
  # GET /users.json
  def index
    if admin?
      @users = User.all
    else
      redirect_to user_path(current_user)
    end
  end

  # GET /users/1
  # GET /users/1.json
  def show
    # @user = User.find(params[:id])
    @borrowers = @user.borrowers
    @current_total = current_total(@borrowers)
    unless @user == current_user
      redirect_to :back, :alert => "Access denied."
    end
  end

  # GET /users/new
  def new
    @user = User.new
  end

  # GET /users/1/edit
  def edit
  end

  # POST /users
  # POST /users.json
  def create
    @user = User.new(user_params)
    respond_to do |format|
      if @user.save
        format.html { redirect_to @user, notice: 'User was successfully created.' }
        format.json { render :show, status: :created, location: @user }
      else
        format.html { render :new }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # PATCH/PUT /users/1
  # PATCH/PUT /users/1.json
  def update
    respond_to do |format|
      if @user.update(user_params)
        format.html { redirect_to @user, notice: 'User was successfully updated.' }
        format.json { render :show, status: :ok, location: @user }
      else
        format.html { render :edit }
        format.json { render json: @user.errors, status: :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.json
  def destroy
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_url, notice: 'User was successfully destroyed.' }
      format.json { head :no_content }
    end
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_user
      @user = User.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def user_params
      params.require(:user).permit(:name, :password, :email, :role)
    end
end

Here is my application controller with its redirect, app/controllers/application_controller.rb:

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  def after_sign_in_path_for(resource)
     user_path(current_user)
  end

end

These are my development logs:

Started GET "/users/sign_in" for 127.0.0.1 at 2015-09-17 18:26:47 +0300
Processing by Devise::SessionsController#new as HTML
  Rendered users/sessions/new.html.erb within layouts/application (41.6ms)
  Rendered shared/_head.html.erb (248.4ms)
  Rendered shared/_pre_header.erb (0.0ms)
  Rendered shared/_bg.html.erb (0.1ms)
  Rendered shared/_primary_container.html.erb (3.2ms)
  Rendered shared/_menu.html.erb (0.2ms)
  Rendered shared/_footer.html.erb (56.3ms)
Completed 200 OK in 426ms (Views: 370.1ms | ActiveRecord: 32.1ms)    

Started GET "/users/sign_in?utf8=%E2%9C%93&authenticity_token=xkWU%2BaWJpalPSmYJzGgpEG2%2BdoAFbaJQt133EPlWdJG9jBh3ZP3BYPpRkUzZZ6v21Qe%2BKdyaxo4HwBtHE%2BEseA%3D%3D&user%5Bemail%5D=atmosx%40me.com&user%5Bpassword%5D=[FILTERED]&user%5Bremember_me%5D=0&commit=Log+in" for 127.0.0.1 at 2015-09-17 18:26:54 +0300
Processing by Devise::SessionsController#new as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"xkWU+aWJpalPSmYJzGgpEG2+doAFbaJQt133EPlWdJG9jBh3ZP3BYPpRkUzZZ6v21Qe+Kdyaxo4HwBtHE+EseA==", "user"=>{"email"=>"atmosx@me.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
  Rendered users/sessions/new.html.erb within layouts/application (2.7ms)
  Rendered shared/_head.html.erb (256.7ms)
  Rendered shared/_pre_header.erb (0.1ms)
  Rendered shared/_bg.html.erb (0.0ms)
  Rendered shared/_primary_container.html.erb (2.7ms)
  Rendered shared/_menu.html.erb (0.2ms)
  Rendered shared/_footer.html.erb (55.6ms)
Completed 200 OK in 447ms (Views: 337.7ms | ActiveRecord: 0.0ms)

From the Rails console, login works fine:

Loading development environment (Rails 4.2.1)
2.2.2 :001 > ApplicationController.allow_forgery_protection = false
 => false
2.2.2 :002 > app.post('/users/sign_in', {"user"=>{"email"=>"atmosx@me.com", "password"=>"panagiotis"}})


Started POST "/users/sign_in" for 127.0.0.1 at 2015-09-17 18:32:45 +0300
  ActiveRecord::SchemaMigration Load (19.8ms)  SELECT "schema_migrations".* FROM "schema_migrations"
Processing by Devise::SessionsController#create as HTML
  Parameters: {"user"=>{"email"=>"atmosx@me.com", "password"=>"[FILTERED]"}}
  User Load (24.7ms)  SELECT  "users".* FROM "users" WHERE "users"."email" = $1  ORDER BY "users"."id" ASC LIMIT 1  [["email", "atmosx@me.com"]]
   (0.3ms)  BEGIN
  SQL (3.3ms)  UPDATE "users" SET "current_sign_in_at" = $1, "sign_in_count" = $2, "updated_at" = $3 WHERE "users"."id" = $4  [["current_sign_in_at", "2015-09-17 15:32:45.844380"], ["sign_in_count", 2], ["updated_at", "2015-09-17 15:32:45.846407"], ["id", 1]]
   (0.9ms)  COMMIT
Redirected to http://www.example.com/users/1
Completed 302 Found in 275ms (ActiveRecord: 57.8ms)
 => 302

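Any ideas or hints are welcome!

Update:

Going over to the computer where I have an older branch, I think the problem is that the submit in the current form issues a GET request instead of a POST request. But I'm not sure how to overcome this...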

1 answer:

Answer 0 (score: 2)

Try forcing the form to make a POST request. In your form, fix this line to add method: :post

     <%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name), method: :post) do |f| %>

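If that does not help, as a hint: when you log in through the form, the request is being handled by Devise::SessionsController#new, whereas it should be handled by Devise::SessionsController#create. This should help you narrow down the problem, as I'm sure that's where it lies. I hope that helps!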
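
An added example, not part of the original question or answer: the second request in the development log above carries `user[password]` and `authenticity_token` in a GET query string, where they also end up in browser history and in any access log that records URLs. The Ruby sketch below flags such requests in a Rails log; the sample lines are constructed, and `credentials_in_query` and `SENSITIVE_KEY` are names assumed for this example.

```ruby
require "uri"

# Parameter names that should never travel in a URL query string
# (assumed list for this example; extend it for your application).
SENSITIVE_KEY = /password|token|secret/i

# The request line Rails writes to its log, e.g.
#   Started GET "/users/sign_in?..." for 127.0.0.1 at 2015-09-17 18:26:54 +0300
STARTED_LINE = /\AStarted (?<verb>[A-Z]+) "(?<target>[^"]*)" for (?<ip>\S+) at (?<time>.+)\z/

# Returns one finding per GET/HEAD request whose query string carries
# sensitive parameter names. Values may already read [FILTERED] in the
# Rails log, so the check is on the keys, not the values.
def credentials_in_query(log_lines)
  log_lines.each_with_object([]) do |line, findings|
    m = STARTED_LINE.match(line.strip)
    next unless m && %w[GET HEAD].include?(m[:verb])

    path, query = m[:target].split("?", 2)
    next if query.nil? || query.empty?

    keys = begin
      # Turns user%5Bpassword%5D back into user[password]
      URI.decode_www_form(query).map(&:first)
    rescue ArgumentError
      # Malformed percent-encoding: fall back to the raw key names
      query.split("&").map { |pair| pair.split("=", 2).first.to_s }
    end

    hits = keys.grep(SENSITIVE_KEY).uniq
    findings << { verb: m[:verb], path: path, ip: m[:ip], keys: hits } unless hits.empty?
  end
end

# Constructed sample log lines modelled on the development log above
SAMPLE_LOG = <<~LOG.lines
  Started GET "/users/sign_in" for 127.0.0.1 at 2015-09-17 18:26:47 +0300
  Started GET "/users/sign_in?utf8=%E2%9C%93&authenticity_token=CONSTRUCTED%2Btoken%3D%3D&user%5Bemail%5D=user%40example.test&user%5Bpassword%5D=[FILTERED]&user%5Bremember_me%5D=0&commit=Log+in" for 127.0.0.1 at 2015-09-17 18:26:54 +0300
  Processing by Devise::SessionsController#new as HTML
  Started POST "/users/sign_in" for 127.0.0.1 at 2015-09-17 18:32:45 +0300
  Started GET "/users?page=2" for 127.0.0.1 at 2015-09-17 18:33:10 +0300
LOG

if __FILE__ == $PROGRAM_NAME
  credentials_in_query(SAMPLE_LOG).each do |f|
    puts "#{f[:verb]} #{f[:path]} from #{f[:ip]}: #{f[:keys].join(', ')} in query string"
  end
end
```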