与常规设计gem的this question类似,使用devise_token_auth gem显示相同的结果 - 验证错误在json响应中出现两次!?
来自日志:
Processing by DeviseTokenAuth::RegistrationsController#create as JSON
Parameters: {"name"=>"Mickey Mouse", "email"=>"mickeymouse@gmail.com", "password"=>"[FILTERED]", "confirmPassword"=>"[FILTERED]", "confirm_success_url"=>"http://localhost:4200/register", "registration"=>{"name"=>"Mickey Mouse", "email"=>"mickeymouse@gmail.com", "password"=>"[FILTERED]", "confirmPassword"=>"[FILTERED]", "confirm_success_url"=>"http://localhost:4200/register"}}
Unpermitted parameters: :confirmPassword, :confirm_success_url, :registration
Unpermitted parameters: :confirmPassword, :confirm_success_url, :registration
(0.2ms) BEGIN
User Exists (0.9ms) SELECT 1 AS one FROM "users" WHERE "users"."email" = $1 LIMIT $2 [["email", "mickeymouse@gmail.com"], ["LIMIT", 1]]
(0.8ms) SELECT COUNT(*) FROM "users" WHERE "users"."provider" = $1 AND "users"."email" = $2 [["provider", "email"], ["email", "mickeymouse@gmail.com"]]
(0.3ms) ROLLBACK
Completed 422 Unprocessable Entity in 247ms (Views: 0.7ms | ActiveRecord: 6.9ms)
请注意,unpermitted_parameters行显示两次 - 这似乎表示奇怪(这些行不通过Postman显示)。
我的用户模型没有任何额外的标准指南,所以我绝对没有在我的模型上有2个唯一性或状态验证,并且检查gem的源代码它似乎也没有。
以下是模型:
class User < ActiveRecord::Base
# Include default devise modules.
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:confirmable, :omniauthable
include DeviseTokenAuth::Concerns::User
end
如果我从Postman调用此端点,我会得到相同的结果,这里是返回的json:
{
"status": "error",
"data": {
"id": null,
"account_id": null,
"provider": "email",
"uid": "",
"name": null,
"nickname": null,
"image": null,
"email": "mickeymouse@gmail.com",
"created_at": null,
"updated_at": null
},
"errors": {
"email": [
"has already been taken",
"has already been taken"
],
"full_messages": [
"Email has already been taken",
"Email has already been taken"
]
}
}
使用angular2-token库从Angular2调用Rails API,但这显然不是问题(从Postman提供结果)。
我怎样才能找到原因?或者我如何修补宝石以消除第二个错误?
更新
如果我从模型中删除:validatable并进行自己的验证:
validates_uniqueness_of :email
我得到了相同的结果,这很奇怪。
答案 0 :(得分:2)
编辑:此问题已已修复,只需升级您的宝石! &GT; v0.1.43.beta1
我发现在github上报告了the issue。
解决方法是删除:validatable(电子邮件唯一性仍将触发)然后滚动您自己的验证密码确认,如该问题所示(请参阅stephanebruckert的响应)并在此处转载:
引用: “validatable验证了电子邮件和密码,这就是为什么我们不应该在模型中执行任何操作,否则它将被验证两次。在我的情况下,只有电子邮件被验证两次,而我没有添加任何额外的在我的模型中进行验证。所以我最终删除了validatable并对密码和password_confirmation进行了自己的验证:“
validates_presence_of :password, on: :create
validates :password,
length: { minimum: 8 },
allow_blank: true
validate :password_complexity
validates_confirmation_of :password
validates_presence_of :password_confirmation, if: lambda {| u| u.password.present? }
private
def password_complexity
return unless password
if password.include?(username) || !password.match(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)./)
errors.add(:password, "Must include at least one lowercase letter, one uppercase letter and one digit")
end
end
虽然这确实解决了重复的电子邮件错误,但我现在得到'password_confirmation不能为空错误'...这导致了一个兔子洞以发现this issue。您需要阅读所有内容,但基本上,api应不强制执行密码确认值(仅在表单本身中需要):)