我有一个反应前端和一个只有后端的rails 5 api,我正在尝试让simple_token_authentication宝石工作。我在尝试sign_in时遇到此错误:
Started POST "/users/sign_in.json" for 100.38.166.199 at 2017-05-05 02:31:24 +0000
Processing by Users::SessionsController#create as JSON
Parameters: {"email"=>"test17@example.com", "password"=>"[FILTERED]", "session"=>{"email"=>"test17@example.com", "password"=>"[FILTERED]"}}
Completed 401 Unauthorized in 2ms (ActiveRecord: 0.0ms)
我怀疑它与CSRF有关。我有时会收到CSRF真实性错误消息,但奇怪的是并不总是
以下是我的路线:
Rails.application.routes.draw do
devise_for :users, controllers: {
sessions: 'users/sessions',
registrations: 'users/registrations'
}
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
scope module: 'api' do
namespace :v1 do
resources :properties
end
end
end
我的应用程序控制器(我有,因为我也在使用ActiveAdmin)
class ApplicationController < ActionController::Base
respond_to :json
acts_as_token_authentication_handler_for User, fallback_to_devise: false
end
这就是客户端上的帖子请求
export function signinUser({ email, password }) {
return function(dispatch){
//submit email password to the server
axios.post(`${ROOT_URL}/users/sign_in.json`, { email, password })
.then(response => {
//if request is good, update state to indicate user is authenticated
dispatch({ type: AUTH_USER});
//-save the jwt token
localStorage.setItem('authentication_token', response.data.token);
//-redirect route somewhere
browserHistory.push('/test');
})
.catch( error => {
//if request is bad, show an error to the user
dispatch(authError(error));
})
};
}
答案 0 :(得分:0)
尝试:
acts_as_token_authentication_handler_for User, fallback: :exception
请注意,fallback: :none或fallback: :exception语法优先于fallback_to_devise: false。