我继承了使用Rails(v.4.2.0)+ AngularJS构建的应用程序。它的大部分工作都相当不错,但是我用Devise(v.3.5.1)撞墙,我无法克服。
应用程序的结构是这样的:Angular.js处理客户端,并由Rails应用程序通过API从后面提供服务。 (结构与本教程中的结构非常相似:https://thinkster.io/angular-rails)。
如果由于某种原因,应用程序无法识别设计的辅助方法,例如:current_user或user_signin?等问题。目前,任何人都可以向/ api / users发出请求并获取带有该信息的JSON。
例如,如果我们将此代码添加到/controllers/api/employees_controller.rb并且您在浏览器中向/ api / employees /:id发出请求,则无论是否已记录,都会获得JSON
def show
@employee = Employee.find(params[:id])
respond_to do |format|
format.json{
if user_signed_in? then
render text: @employee.to_json, status: 200
else
render :json => nil, status: 422
end
}
end
end
注意:在此应用程序中,实体“Employee”是一种“User”
我已尝试过这篇文章Rails devise: user_signed_in? not working中提到的解决方案,但它对我不起作用
以下是我认为可以为这个问题提供一些启示的代码的所有部分
/controllers/api/users/sessions_controller.rb
module Api
class Users::SessionsController < Devise::SessionsController
before_filter :configure_sign_in_params, only: [:create]
#Devise couldn't find "users_url" so just defining it here (500 error)
def users_url
:root_path
end
# GET /resource/sign_in
def new
super
end
# POST /resource/sign_in
def create
user = User.new
if ( params[:user][:email] == "" || params[:user][:password] == "") then
render json: {errors: "Insufficient data provided (user and/or password)"}.to_json, status: :bad_request
elsif User.find_by_email(params[:user][:email]).present?
user = User.find_by_email(params[:user][:email])
if user.valid_password?(params[:user][:password]) then
sign_in :user, user
render json: user.to_json(only: [:id, :email, :name, :last_name, :type, :company_id,:configuration,:phone]), status: :created
else
render json: {errors: "Wrong password."}.to_json, status: :unauthorized
end
else
render json: {errors: "Could not find user with that email."}.to_json, status: :unauthorized
end
end
# DELETE /resource/sign_out
def destroy
puts "HEEEEY"
end
# protected
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_in_params
devise_parameter_sanitizer.for(:sign_in) << :attribute
end
end
end
模型/ user.rb
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable#, :confirmable
scope :admins, -> { where(admin: true) }
validates :email, presence: true
validates :name, presence: true, length: { in: 1..50 }
end
配置/ routes.rb中
Rails.application.routes.draw do
namespace :api, defaults: {format: :json} do
resources :contacts
resources :job_application
# devise_for :admins, controllers: {sessions: 'admins/sessions'}
# devise_for :employees, controllers: {sessions: 'employees/sessions'}
devise_for :users, controllers: {
sessions: 'api/users/sessions',
registrations: 'api/users/registrations',
}
devise_for :employees, controllers: {
sessions: 'api/employees/sessions',
registrations: 'api/employees/registrations',
}
如果您需要代码的任何其他部分,请告诉我们。
非常感谢!