时间戳

首页 > 解决方案 > 记住我的会员所有用户,即使他们不想被记住

ruby-on-rails - 记住我的会员所有用户,即使他们不想被记住

问题描述

记住我工作不正常。

我希望它如何工作 -> 在登录时,如果用户选中记住我复选框应用程序应该记住它,否则它不需要记住用户。

但目前,即使用户没有选中记住我复选框,它也会记住它。

应用控制器:

   class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception

  helper_method :current_user, :logged_in?, :logged_in_user, :current_user?, :forget

  before_action :set_cache_buster

  def log_in(user)
    session[:user_id] = user.id
  end

  def current_user
    if (user_id = session[:user_id])
       @current_user ||= User.find_by(id: user_id)
    elsif (user_id = cookies.signed[:user_id])
       user = User.find_by(id: user_id)
    end
  end

  def logged_in?
    !current_user.nil?
  end


  def logged_in_user
    unless logged_in?
      flash[:danger] = 'Please log in.'
      redirect_to new_sessions_path
    end
  end

  def current_user?(user)
    user == current_user
  end

  private

  def set_cache_buster
    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
    response.headers['Pragma'] = 'no-cache'
    response.headers['Expires'] = 'Fri, 01 Jan 1990 00:00:00 GMT'
  end
end

会话控制器

class SessionsController < ApplicationController
    def new
    end

  def create
     user = User.find_by_email(params[:email])
     if user && user.authenticate(params[:password])
      if params[:remember_me] == 1
        log_in user
        token = SecureRandom.urlsafe_base64
        user.auth_token = token
        cookies.permanent.signed[:auth_token] = token
        redirect_to user
  else
       log_in user
       user.auth_token = nil
       cookies[:auth_token] = nil
       redirect_to user
  end


     else
       flash.now[:danger] = 'Invalid email/password combination'
       render 'new'
     end
   end

   def destroy
       @current_user = nil
       cookies[:auth_token] = nil
       reset_session
       redirect_to root_path
   end

end

我尝试了什么:

  def create
     user = User.find_by_email(params[:email])
     if user && user.authenticate(params[:password])

       if params[:remember_me] == 1
         log_in user
         token = SecureRandom.urlsafe_base64
         user.auth_token = token
         cookies.permanent.signed[:auth_token] = token
         redirect_to user
      else
        # log_in user
         user.auth_token = nil
         cookies[:auth_token] = nil
         redirect_to user
      end

     else
       flash.now[:danger] = 'Invalid email/password combination'
       render 'new'
     end
   end

我在上面的代码中注释了登录用户行。什么是不让用户登录复选框没有打勾。有效。但是然后...如果部分代码...我评论了log_in行

   if params[:remember_me] == 1
          #   log_in user
             token = SecureRandom.urlsafe_base64
             user.auth_token = token
             cookies.permanent.signed[:auth_token] = token
             redirect_to user
          else

如果勾选复选框,用户不应该让用户登录,但它确实让用户登录。

出于某种原因,我认为会话控制器中的“如果”永远不会起作用。

session#new -- 登录页面 --

<div class="row">
  <div class="col-md-offset-3 col-md-7" style="text-align: center;">
    <h2><b>Log In</b></h2>
  </div>
</div>
<div class="row">
  <div  class="col-md-offset-3 col-md-7">
    <%= form_with url: sessions_path do |form| %>
      <div class="form-group">
          <%= form.label :email %>
          <%= form.text_field :email, class: "form-control" %>
      </div>
      <div class="form-group">
          <%= form.label :password %>
          <%= form.text_field :password, class: "form-control" %>
      </div>
      <div class="field">
          <%= form.label :"remember_me" %>
          <%= form.check_box :remember_me %>
      </div>

     <%= form.submit "Login", class: "btn btn-primary btn-block" %>
    <% end %>
  </div>
</div>

标签: ruby-on-railsruby-on-rails-5ruby-on-rails-6

解决方案

推荐阅读