ruby-on-rails - 未通过授权(设计身份验证令牌)
问题描述
我正在使用Devise auth token gem 来验证我的 rails 应用程序的某些部分。但是当我尝试登录时,我收到以下错误:
POST http://localhost:3000/auth/sign_in 500(内部服务器错误)
这是完整的跟踪:
在 2018-05-30 09:29:36 +0500 开始 POST "/auth/sign_in" for 10.12.4.5 +0500 由 DeviseTokenAuth::SessionsController#create as JSON 参数处理:{"login"=>"admin", "password" =>"[FILTERED]", "session"=>{"login"=>"admin", "password"=>"[FILTERED]"}} 14ms 内完成 500 内部服务器错误 (ActiveRecord: 0.0ms)
NoMethodError(未定义的方法“每个”
):
devise_token_auth (0.1.43) app/controllers/devise_token_auth/application_controller.rb:35:in
params_for_resource' devise_token_auth (0.1.43) app/controllers/devise_token_auth/sessions_controller.rb:129:in
resource_params' devise_token_auth (0.1.43) app/controllers/devise_token_auth/sessions_controller.rb:13:increate' actionpack (5.1.6) lib/action_controller/metal/basic_implicit_render.rb:4:in
send_action' actionpack (5.1.6) lib/ abstract_controller/base.rb:186:inprocess_action' actionpack (5.1.6) lib/action_controller/metal/rendering.rb:30:in
process_action' actionpack (5.1.6) lib/abstract_controller/callbacks.rb:20:inblock in process_action' activesupport (5.1.6) lib/active_support/callbacks.rb:131:in
run_callbacks' actionpack (5.1.6) lib/abstract_controller/callbacks.rb:19:inprocess_action' actionpack (5.1.6) lib/action_controller/metal/rescue.rb:20:in
process_action' actionpack (5.1.6) lib/action_controller/metal/instrumentation.rb:32:block in process_action' activesupport (5.1.6) lib/active_support/notifications.rb:166:in
in 仪器的 activesupport (5.1.6) lib/active_support/notifications/instrumenter.rb:21:ininstrument' activesupport (5.1.6) lib/active_support/notifications.rb:166:in
仪器的 actionpack (5.1.6) 库中的块/action_controller/metal/instrumentation.rb:30:inprocess_action' actionpack (5.1.6) lib/action_controller/metal/params_wrapper.rb:252:in
process_action' activerecord (5.1.6) lib/active_record/railties/controller_runtime.rb:22:inprocess_action' actionpack (5.1.6) lib/abstract_controller/base.rb:124:in
process' actionpack (5.1.6) lib/action_controller/metal.rb:189:indispatch' actionpack (5.1.6) lib/action_controller/metal.rb:253:in
dispatch' actionpack (5.1.6) lib/ action_dispatch/routing/route_set.rb:49:indispatch' actionpack (5.1.6) lib/action_dispatch/routing/route_set.rb:31:in
serve' actionpack (5.1.6) lib/action_dispatch/routing/mapper.rb:16:inblock in <class:Constraints>' actionpack (5.1.6) lib/action_dispatch/routing/mapper.rb:46:in
serve' actionpack (5.1.6) lib/action_dispatch/journey/router.rb: 50:inblock in serve' actionpack (5.1.6) lib/action_dispatch/journey/router.rb:33:in
each' actionpack (5.1.6) lib/action_dispatch/journey/router.rb:33:in call'wardenserve' actionpack (5.1.6) lib/action_dispatch/routing/route_set.rb:844:in
(1.2.7) lib/warden/manager.rb:36:inblock in call' warden (1.2.7) lib/warden/manager.rb:35:in
catch'warden (1.2.7 ) lib/warden/manager.rb:35:incall' rack (2.0.5) lib/rack/etag.rb:25:in
call' rack (2.0.5) lib/rack/conditional_get.rb:38:incall' rack (2.0.5) lib/rack/head.rb:12:in
call' activerecord (5.1.6) lib/active_record/migration.rb:556:incall' actionpack (5.1.6) lib/action_dispatch/middleware/callbacks.rb:26:in
阻止调用'activesupport (5.1.6) lib/active_support/callbacks.rb:97:inrun_callbacks' actionpack (5.1.6) lib/action_dispatch/middleware/callbacks.rb:24:in
call' actionpack (5.1.6) lib/action_dispatch/middleware/executor.rb:12:incall' actionpack (5.1.6) lib/action_dispatch/middleware/debug_exceptions.rb:59:in
call' actionpack (5.1.6) lib/action_dispatch/middleware/show_exceptions.rb:31:incall' railties (5.1.6) lib/rails/rack/logger.rb:36:in
call_app' railties (5.1.6) lib/rails/rack/logger.rb:24:inblock in call' activesupport (5.1.6) lib/active_support/tagged_logging.rb:69:in
block in tagged' activesupport (5.1.6) lib/active_support/tagged_logging. rb:26:intagged' activesupport (5.1.6) lib/active_support/tagged_logging.rb:69:in
tagged' railties (5.1.6) lib/rails/rack/logger.rb:24:incall' actionpack (5.1.6) lib/action_dispatch/middleware/remote_ip.rb:79:in
call' actionpack (5.1.6) lib/action_dispatch/middleware/request_id.rb:25:incall' rack (2.0.5) lib/rack/runtime.rb:22:in
call' activesupport (5.1.6) lib/active_support/cache/strategy/local_cache_middleware.rb:27:incall' actionpack (5.1.6) lib/action_dispatch/middleware/executor.rb:12:in
call' actionpack (5.1.6) lib/action_dispatch/middleware/static.rb:125:incall' rack (2.0.5) lib/rack/sendfile.rb:111:in
call' rack-cors (1.0.2) lib/rack/cors.rb:97:incall' railties (5.1.6) lib/rails/engine.rb:522:in
call' puma (3.11.4) lib/puma/configuration.rb:225:incall' puma (3.11.4) lib/puma/server.rb:632:in
handle_request' puma (3.11.4) lib/ puma/server.rb:446:inprocess_client' puma (3.11.4) lib/puma/server.rb:306:in
block in run' puma (3.11.4) lib/puma/thread_pool.rb:120:in `block in spawn_thread'
如何修复错误?
application_controller.rb:
class ApplicationController < ActionController::API
include DeviseTokenAuth::Concerns::SetUserByToken
before_action :configure_permitted_parameters, if: :devise_controller?
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up) { |u| u.permit(:login, :first_name, :patronymic, :last_name, :email, :password, :password_confirmation) }
devise_parameter_sanitizer.permit(:sign_in) { |u| u.permit(:login, :password) }
devise_parameter_sanitizer.permit(:account_update) { |u| u.permit(:password, :password_confirmation, :current_password) }
end
end
用户.rb:
class User < ActiveRecord::Base
self.table_name = 'DASHBOARD.V_L_USERS'
self.primary_key = 'user_id'
devise :database_authenticatable, :validatable, :authentication_keys => [:login]
include DeviseTokenAuth::Concerns::User
has_many :permission_references, as: :source
accepts_nested_attributes_for :permission_references, :allow_destroy => true
has_many :user_roles
has_many :spr_dashboards, foreign_key: 'l_users_id'
accepts_nested_attributes_for :user_roles, :allow_destroy => true
def email_required?
false
end
def password_required?
false
end
def is_participant
(read_attribute(:is_participant) == "Y")
end
def is_participant=(value)
write_attribute(:is_participant, (value == "1") ? "Y" : "N")
end
def children_users_ids
ActiveRecord::Base.connection.select_values <<-SQL.strip_heredoc
SELECT l_users_id_right
FROM DASHBOARD.V_L_USERS_RIGHTS
WHERE l_users_id = #{user_id}
SQL
end
end
路线.rb:
Rails.application.routes.draw do
mount_devise_token_auth_for 'User', at: 'auth'
end
解决方案
看起来 devise_parameter_sanitizer 不支持块。https://github.com/lynndylanhurley/devise_token_auth/issues/758#issuecomment-280797969
推荐阅读
- reactjs - 有没有办法将 React.createElement 附加到现有的 div 中?
- nginx - 如何在 docker-compose 中配置 nginx 代理?
- ios - Xamarin IOS 中的 UILongPressGestureRecognizer
- nested - 带有 R 的 ANOVA 中的交叉与嵌套效应
- nuxt.js - 故事书运行问题,我该如何解决?
- postgresql - 如何在 postgresql 中为 case 语句添加 where 子句 <> 0?
- spring-cloud-vault-config - Spring Cloud Vault 从共享文件加载 Vault 令牌
- google-analytics - 在 Google Analytics 中跟踪注册事件作为目标
- c# - 在当前工作的监视器上保留 WPF 窗口(在多监视器设置中)[关闭/重复]
- python - Django:如何检查用户是否修改了字段?