你好,我过去几个小时一直在努力解决这个问题,但我还是找不到错误的地方。
我在session中设置了user_id SessionsController
class SessionsController < ApplicationController
skip_before_action :authenticate, except: [:logout]
def new
@session = Session.new
end
def create
@user_session = Session.new(session_params)
if @user_session.valid?
session[:user_id] = @user_session.user_id
redirect_to learners_url
else
redirect_to learner_new_registrations
end
end
def logout
session[:user_id] = nil
redirect_to root_url
end
private
def session_params
params.require(:session).permit(:email, :password)
end
端
在设置会话值后的create操作中,它会重定向到learners_url,但它又会重定向到根网址。请遵守以下server log
Started POST "/sessions" for 127.0.0.1 at 2016-04-13 12:00:01 +0530
Processing by SessionsController#create as HTML
Parameters: {"session"=>{"email"=>"narasimha@gmail.com", "password"=>"[FILTERED]"}, "login-submit"=>"Submit"}
Can't verify CSRF token authenticity
MONGODB | localhost:27017 | project_practice_development.find | STARTED | {"find"=>"users", "filter"=>{"email"=>"narasimha@gmail.com"}, "limit"=>-1}
MONGODB | localhost:27017 | project_practice_development.find | SUCCEEDED | 0.000360343s
Redirected to http://localhost:3000/learners
Completed 302 Found in 67ms
Started GET "/learners" for 127.0.0.1 at 2016-04-13 12:00:01 +0530
Processing by LearnersController#index as HTML
MONGODB | localhost:27017 | project_practice_development.find | STARTED | {"find"=>"users", "filter"=>{"_id"=>nil}}
MONGODB | localhost:27017 | project_practice_development.find | SUCCEEDED | 0.000387588s
Redirected to http://localhost:3000/
Filter chain halted as :authenticate rendered or redirected
Completed 302 Found in 2ms
Started GET "/" for 127.0.0.1 at 2016-04-13 12:00:01 +0530
Processing by WelcomesController#about as HTML
Rendered welcomes/about.html.erb within layouts/welcomes (0.2ms)
Completed 200 OK in 16ms (Views: 15.4ms)
这意味着它正在重定向到LearnersController#Index行动。在ApplicationController我设置了call back这样的
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery
before_action :authenticate
def authenticate
return if signed_in?
redirect_to root_url
end
def current_user
@current_user ||= User.find(session[:user_id].to_s) #Problem is here. Here i am unable to access session[:user_id] which i was set in sessions controller. so it is redirecting to `root_url`
rescue Mongoid::Errors::DocumentNotFound => ex
end
def signed_in?
current_user.present?
end
helper_method :authenticate?
end
帮我解决一下。为什么我无法在应用程序控制器中使用session[:user_id]值?提前致谢。
注意:我使用的是rails 5.0.0.beta3版本
答案 0 :(得分:0)
你从未创建过会话,试试这个:
def create
#@user_session = Session.create(session_params)
user = User.find_by(email: params[:session][:email].downcase)
if user && user.authenticate(params[:session][:password])
session[:user_id] = user.id
redirect_to learners_url
else
redirect_to learner_new_registrations
end
end
因为,您尚未对用户进行身份验证。因此,在ApplicationController中,您有一个名为authenticate的方法。它首先检查用户是否为signed_in?。如果没有,则会将您重定向到root_url。
def authenticate
return if signed_in?
redirect_to root_url
end