Ruby on Rails登录系统和注册页面问题

时间:2015-11-27 17:50:26

标签: ruby-on-rails-4

Ruby on Rails应用程序。问题是在登录系统中添加一个注册页面,目前只支持登录和注销。注册页面总是给出错误,例如“此网页有重定向循环。

这是我的会话控制器

       class SessionsController < ApplicationController
             skip_before_action :ensure_login, only:[:new ,:create]
             skip_around_action :ensure_signup, only:[:new , :create]

       def new
           #Login Paage -- New.Html.erb
       end

       def create
           user = User.find_by(username: params[:user][:username])
           password = params[:user][:password]
           if user && user.authenticate(password)
           session[:user_id] = user.id
           redirect_to root_path, notice:"Logged in successfully"
       else
         redirect_to login_path, alert:"Invalid username/password                           combination"    
       end   
      end

       def destroy
           reset_session  #wipe out session and everything in it
          redirect_to login_path, notice:"You Have been logged out"
       end
     end

这是我的应用程序控制器

       class ApplicationController < ActionController::Base
             # Prevent CSRF attacks by raising an exception.
             # For APIs, you may want to use :null_session instead.
               protect_from_forgery with: :exception
               before_action :ensure_login 
               before_action :ensure_signup
               helper_method :logged_in?, :current_user

               protected

               def ensure_signup
                   redirect_to(signup_url)           
               end

               def ensure_login 
                   redirect_to login_path unless session[:user_id]
               end  

               def logged_in?
                   session[:user_id] # nil is false
               end

               def current_user
                   @current_user ||= User.find(session[:user_id])
               end  
             end

任何想法?

1 个答案:

答案 0 :(得分:0)

8个月前,当我第一次开始在轨道上学习ruby时,我遇到了这个问题,如果有人建立了自己的登录系统,我推荐使用设计,因为宝石中有很多功能。

我在用户控制器中使用skip_before_action解决了这个问题,因为应用程序控制器中的ensure_login方法会在用户未登录时锁定整个应用程序,如下所示

class ApplicationController < ActionController::Base
     # Prevent CSRF attacks by raising an exception.
     # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  before_action :ensure_login
  helper_method :logged_in?, :current_user

  protected
      def ensure_login 
         redirect_to login_path unless session[:user_id]
      end  

      def logged_in?
     session[:user_id] # nil is false
      end

      def current_user
      @current_user ||= User.find(session[:user_id])
    end

现在让我们假设您有一个看起来像这样的用户控制器。 使用skip_before_action帮助程序绕过ensure_login方法,您现在将允许访问以注册新用户

 class UsersController < ApplicationController
    skip_before_action :ensure_login ,only:[:new ,:create] #using this   helper here allows for the creation of new users.



    def new
        @user = User.new
    end

    def create
        @user = User.new(user_params)
        if @user.save
           flash[:notice] = "User has been created."
           redirect_to root_path #which may be login page in my case because ensure_login
        else
           flash.now[:alert] = "User has not been created."
           render "new"
      end
    end

  private 
     def user_params
       params.require(:user).permit(:email, :password )
     end

 end
相关问题
最新问题