我试图配置一个设计:confirmable帐户,用户在确认帐户后选择了他的密码(这是一个官方记录的修改,其详细信息可以找到{{3 }})。
问题:没有修改(我在第一次创建帐户时设置密码),确认工作正常。但是,根据修改,我得到401错误(未经授权)。其日志如下:
Started POST "/users/sign_in" for 192.168.1.8 at 2016-01-31 01:53:54 -0700
Processing by Users::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"O7mUtX/5i3Cw2sgAtn8+i4VAuytkHpcxZ0ZnKL6rmfmQsRj0MblP4OGY4K3dxqXQ7qjVMsqpYEIs7Oqkm9G3JA==", "user"=>{"email"=>"neanderslob@neanderslob.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "button"=>""}
^[[1m^[[36mUser Load (0.8ms)^[[0m ^[[1mSELECT "users".* FROM "users" WHERE "users"."email" = $1 ORDER BY "users"."id" ASC LIMIT 1^[[0m [["email", "neanderslob@neanderslob.com"]]
^[[1m^[[35m (0.2ms)^[[0m BEGIN
^[[1m^[[36m (0.1ms)^[[0m ^[[1mCOMMIT^[[0m
Completed 401 Unauthorized in 70ms (ActiveRecord: 1.1ms)
当然没有输入密码,因为这不是必需的。
附加是我的自定义ConfirmationsController
class Users::ConfirmationsController < Devise::ConfirmationsController
# Remove the first skip_before_filter (:require_no_authentication) if you
# don't want to enable logged users to access the confirmation page.
skip_before_filter :require_no_authentication
skip_before_filter :authenticate_user!
# GET /resource/confirmation/new
def new
super
end
# POST /resource/confirmation
def create
super
end
# GET /resource/confirmation?confirmation_token=abcdef
def show
with_unconfirmed_confirmable do
if @confirmable.has_no_password?
do_show
else
do_confirm
end
end
unless @confirmable.errors.empty?
self.resource = @confirmable
render 'devise/confirmations/new' #Change this if you don't have the views on default path
end
end
# PUT /resource/confirmation
def update
with_unconfirmed_confirmable do
if @confirmable.has_no_password?
@confirmable.attempt_set_password(params[:user])
if @confirmable.valid? and @confirmable.password_match?
do_confirm
else
do_show
@confirmable.errors.clear #so that we wont render :new
end
else
@confirmable.errors.add(:email, :password_already_set)
end
end
if !@confirmable.errors.empty?
self.resource = @confirmable
render 'devise/confirmations/new' #Change this if you don't have the views on default path
end
end
protected
# The path used after resending confirmation instructions.
def after_resending_confirmation_instructions_path_for(resource_name)
super(resource_name)
end
# The path used after confirmation.
def after_confirmation_path_for(resource_name, resource)
super(resource_name, resource)
end
def with_unconfirmed_confirmable
@confirmable = User.find_or_initialize_with_error_by(:confirmation_token, params[:confirmation_token])
if !@confirmable.new_record?
@confirmable.only_if_unconfirmed {yield}
end
end
def do_show
@confirmation_token = params[:confirmation_token]
@requires_password = true
self.resource = @confirmable
render 'devise/confirmations/show' #Change this if you don't have the views on default path
end
def do_confirm
@confirmable.confirm!
set_flash_message :notice, :confirmed
sign_in_and_redirect(resource_name, @confirmable)
end
end
一些疯狂的猜测:值得一提的是,这一切都是在我的localhost上完成的。这意味着它生成的网址来自here ...我的应用程序是为响应自定义域而构建的。在自定义之前,我只能将localhost:3000的确认链接更改为mydomain.com:3000,一切正常。但是,我不知道在我的定制下是否允许这样做(老实说,没有足够的知识可以肯定地说出这种或那种方式)。
无论如何,感谢您的任何想法!
编辑:我的会话控制器(错误消息的相关控制器,如我所指出的)如下...注意注释掉的创建方法
class Users::SessionsController < Devise::SessionsController
# GET /resource/sign_in
def new
super
end
# POST /resource/sign_in
# def create
# super
# end
# DELETE /resource/sign_out
def destroy
super
end
end