Rails:ActionController :: InvalidAuthenticityToken

时间:2016-09-20 23:17:20

标签: ruby-on-rails

我目前正在开展一个涉及用户,喜欢和帖子的项目。我有一个喜欢/不像的按钮,我终于在某些时候开始工作了,但是当我去一个不同的帖子时,我会抛出某些用户的个人资料,我会抛出这个错误,它说它来自我的毁灭在我喜欢的控制器中的动作:

ActionController::InvalidAuthenticityToken

我使用设计,但不知道这是否与问题的原因有关。

现在我正在与之合作:

<h4>All of <%= @user.email %>'s posts:</h4>
<% @user.posts.order('created_at DESC').each do |post| %>
    <li><%= post.content %></li>
<% unless current_user.likes.pluck(:post_id).include?(post.id) %>
<%= form_tag likes_path do %>
  <%= hidden_field_tag 'post_id', post.id %>
  <%= submit_tag "Like", :class => "like_button" %>
<% end %>
<% else %>
<% like = post.likes.where(user_id: current_user.id).first %>
<div class="unlike_button">
    <%= form_tag like_path(like) do %>
  <%= hidden_field_tag 'post_id', post.id %>

  <%= button_to "Unlike", like_path(post), method: :delete %>
</div>
<% end %>
       
class LikesController < ApplicationController
def create
@post = Post.find(params[:post_id])

@like = Like.new(user_id: current_user.id, post_id: @post.id)
if @like.save
    flash[:success] = "Post Liked!"
    redirect_back(fallback_location: root_path)
else
    flash[:notice] = "Couldn't like post"
    redirect_back(fallback_location: root_path)
end
end


def destroy
  @like = Like.find(params[:id])
  @like.destroy
  flash[:success] = "Post unliked"
  redirect_back(fallback_location: root_path)
end

结束

     class PostsController < ApplicationController

def index
    @posts = Post.all
    @user = User.find(params[:user_id])
end

def new
    @post = Post.new
    @user = User.find(params[:user_id])
end

def create
    @post = current_user.posts.build(post_params)
    if @post.save
        flash[:success] = "Posted!"
        redirect_to user_path(current_user)
    else
        flash[:notice] = "Post could not be submitted"
        redirect_to users_path
    end
end

private

def post_params
    params.require(:post).permit(:content)
end
end 

3 个答案:

答案 0 :(得分:3)

application_controller.rb ..

中有评论
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.

所以,你可以尝试改变..

protect_from_forgery with: :exception

到这个

protect_from_forgery with: :null_session

希望有所帮助:)

答案 1 :(得分:0)

我想我已经弄清楚了..至少已经让它发挥作用了。我正在使用form_for帮助器以及button_to帮助器。我删除了form_for帮助器,只是坚持

protected void UploadButton_Click(object sender, EventArgs 
{
    // Specify the path on the server to
    // save the uploaded file to.
    String savePath = @"c:\temp\uploads\";

// Before attempting to perform operations
// on the file, verify that the FileUpload 
// control contains a file.
if (FileUpload1.HasFile)
{
  // Get the name of the file to upload.
  String fileName = FileUpload1.FileName;

  // Append the name of the file to upload to the path.
  savePath += fileName;


  // Call the SaveAs method to save the 
  // uploaded file to the specified path.
  // This example does not perform all
  // the necessary error checking.               
  // If a file with the same name
  // already exists in the specified path,  
  // the uploaded file overwrites it.
  FileUpload1.SaveAs(savePath);

现在正在运作

答案 2 :(得分:0)

可以帮助我解决此问题的方法是在URL中添加正斜杠

发件人:

= bootstrap_form_tag url: 'signup_with_phone' do |form|

收件人:

= bootstrap_form_tag url: '/signup_with_phone' do |form|