我有一个rails 4项目,我在那里使用DeviseTokenAuth。 一切正常,但我想拒绝具有特定状态的用户访问权限。 所以基本上
if user.status == :locked => Account :unauthorized
所以这就是我到目前为止所做的事情
class SessionsController < DeviseTokenAuth::SessionsController
def new
super
end
def create
super
render json: { error: "Account is locked MOFO " }, status: :unauthorized if current_user.status.to_sym == :locked
end
end
但是当我这样做时,我得到了:
AbstractController::DoubleRenderError - Render and/or redirect were called multiple times in this action. Please notethat you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like "redirect_to(...) and return".:
有什么想法吗?
感谢
答案 0 :(得分:2)
发生此错误是因为从会话控制器create方法调用了双重渲染方法。一种选择是覆盖render_create_success方法以获得所需的结果。
class SessionsController < DeviseTokenAuth::SessionsController
protected
def render_create_success
if current_user.status.to_sym == :locked
render json: { error: "Account is locked MOFO " }, status: :unauthorized
else
super
end
end
end