使用auth和JWT制作了一个ror api,以提供一个React应用。在开发环境(localhost)中,一切正常。部署到heroku之后,我开始出现该错误。我根据heroku的rails文档进行了部署:https://devcenter.heroku.com/articles/getting-started-with-rails5
当我尝试“注册”或“签名”时,请求失败,状态码为500。真正奇怪的是,在heroku Rails控制台中创建了用户,但我没有将令牌返回到json中。这是我的React应用发出的呼叫:
axios.post('https://hidden-ocean-49877.herokuapp.com/signup', {withCredentials: true,
name: name, email: email, password: password, password_confirmation: passwordConfirmation})
.then(response => {
login(true);
tokenize(response.data.auth_token);
}).catch(error => console.log(error));
这是heroku日志中的日志:
2020-02-29T21:43:16.041318+00:00 heroku[router]: at=info method=POST path="/signup" host=hidden-ocean-49877.herokuapp.com request_id=7cd577ad-c7c5-4fa7-aa99-91b4b8e49772 fwd="189.214.5.88" dyno=web.1 connect=1ms service=977ms status=500 bytes=421 protocol=https
2020-02-29T21:43:16.038685+00:00 app[web.1]: I, [2020-02-29T21:43:16.038582 #4] INFO -- : [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772] Completed 500 Internal Server Error in 925ms (ActiveRecord: 29.5ms)
2020-02-29T21:43:16.039125+00:00 app[web.1]: F, [2020-02-29T21:43:16.039063 #4] FATAL -- : [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772]
2020-02-29T21:43:16.039179+00:00 app[web.1]: F, [2020-02-29T21:43:16.039120 #4] FATAL -- : [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772] TypeError (no implicit conversion of nil into String):
2020-02-29T21:43:16.039221+00:00 app[web.1]: F, [2020-02-29T21:43:16.039178 #4] FATAL -- : [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772]
2020-02-29T21:43:16.039264+00:00 app[web.1]: F, [2020-02-29T21:43:16.039226 #4] FATAL -- : [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772] app/lib/json_web_token.rb:9:in `encode'
2020-02-29T21:43:16.039264+00:00 app[web.1]: [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772] app/auth/authenticate_user.rb:9:in `call'
2020-02-29T21:43:16.039264+00:00 app[web.1]: [7cd577ad-c7c5-4fa7-aa99-91b4b8e49772] app/controllers/users_controller.rb:6:in `create'
上面描述的文件是这些文件:
用户控制器
class UsersController < ApplicationController
skip_before_action :authorize_request, only: :create
def create
user = User.create!(user_params)
auth_token = AuthenticateUser.new(user.email, user.password).call
response = { message: Message.account_created, auth_token: auth_token }
json_response(response, :created)
end
private
def user_params
params.permit(
:name,
:email,
:password,
:password_confirmation
)
end
end
在app / auth / authenticate_user.rb中:
class AuthenticateUser
def initialize(email, password)
@email = email
@password = password
end
# Service entry point
def call
JsonWebToken.encode(user_id: user.id) if user
end
private
attr_reader :email, :password
def user
user = User.find_by(email: email)
return user if user && user.authenticate(password)
raise(ExceptionHandler::AuthenticationError, Message.invalid_credentials)
end
end
在app / lib / json_web_token.rb中:
class JsonWebToken
# secret to encode and decode token
HMAC_SECRET = Rails.application.secrets.secret_key_base
def self.encode(payload, exp = 24.hours.from_now)
# set expiry to 24 hours from creation time
payload[:exp] = exp.to_i
# sign token with application secret
JWT.encode(payload, HMAC_SECRET)
end
def self.decode(token)
# get payload; first index in decoded Array
body = JWT.decode(token, HMAC_SECRET)[0]
HashWithIndifferentAccess.new body
# rescue from all decode errors
rescue JWT::DecodeError => e
# raise custom error to be handled by custom handler
raise ExceptionHandler::InvalidToken, e.message
end
end
答案 0 :(得分:2)
从堆栈跟踪判断,该错误发生在app/lib/json_web_token.rb#9中。我怀疑该错误发生在:
HMAC_SECRET = Rails.application.secrets.secret_key_base
然后在以下位置引发类型错误:
JWT.encode(payload, HMAC_SECRET)
您的rails版本是否有可能使用一种新的方式来获取secret_key_base,如下所述:Rails 5.2 application secrets empty at Heroku
尝试在产品控制台中运行Rails.application.secrets.secret_key_base,看看它是否返回任何内容。
答案 1 :(得分:0)
改为使用
HMAC_SECRET = Rails.application.secret_key_base