ruby-on-rails - Completed 401 Unauthorized - 设计 devise_parameter_sanitizer 不允许任何值
问题描述
我是 Rails 的新手,卡在这里..你能帮我解决这个问题吗?
安慰
Started POST "/users/sign_in" for ::1 at 2020-03-25 11:46:10 +0530
Processing by Users::SessionsController#create as HTML
Parameters: {"authenticity_token"=>"seSNKhVVbrFM+XALvQExwMNxI1KY74or3Cy6Y0wYnU7RLjC6uuaM057jKmQ73a0g84qQNnOVREL0RZ6AuarGQA==", "user"=>{"email"=>"yadu@g.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
================================
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? ORDER BY "users"."id" ASC LIMIT ? [["email", "yadu@g.com"], ["LIMIT", 1]]
↳ app/controllers/users/sessions_controller.rb:16:in `create'
Completed 401 Unauthorized in 248ms (ActiveRecord: 0.3ms | Allocations: 1519)
Started GET "/users/sign_in" for ::1 at 2020-03-25 11:46:10 +0530
Processing by Users::SessionsController#new as HTML
Rendering devise/sessions/new.html.erb within layouts/application
Rendered devise/shared/_links.html.erb (Duration: 1.0ms | Allocations: 525)
session_controller.rb
class Users::SessionsController < Devise::SessionsController
before_action :configure_sign_in_params, only: [:create]
# GET /resource/sign_in
def new
super
end
# POST /resource/sign_in
def create
logger.debug "================================ #{configure_sign_in_params}"
super
end
# DELETE /resource/sign_out
def destroy
super
end
private
# If you have extra params to permit, append them to the sanitizer.
def configure_sign_in_params
devise_parameter_sanitizer.permit(:sign_in) { |u| u.permit( :email, :password ) }
# params.require(:user).permit(:email, :password, :remember_me)
end
end
路线.rb
devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth',sessions: 'users/sessions'}
resources :users
resources :product_categories
配置/初始化程序/devise.rb
# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
config.case_insensitive_keys = [:email]
config.strip_whitespace_keys = [:email]
config.stretches = Rails.env.test? ? 1 : 11
config.reconfirmable = true
# Invalidates all the remember me tokens when the user signs out.
config.expire_all_remember_me_on_sign_out = true
config.password_length = 6..128
config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
config.timeout_in = 30.minutes
config.reset_password_within = 6.hours
config.omniauth :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'], scope: 'public_profile,email'
config.omniauth :github, ENV['GITHUB_APP_ID'], ENV['GITHUB_APP_SECRET'], scope: 'user,public_repo'
config.omniauth :google_oauth2, ENV['GOOGLE_APP_ID'], ENV['GOOGLE_APP_SECRET'], scope: 'userinfo.email,userinfo.profile'
config.omniauth :twitter, ENV['TWITTER_APP_ID'], ENV['TWITTER_APP_SECRET']
end
问题
我可以成功注册用户,但无法使用该用户登录。它当时显示 401 未经授权。貌似参数到达了 configuration_sign_in_params 方法,但是 configuration_sign_in_params 方法的返回值为空。
所有这些问题都是从我使用社交帐户设置登录时开始的......在此之前一切都很好。
解决方案
推荐阅读
- python - Tkinter如何在B1-Motion超出小部件时禁用滚动
- php - 如果使用 PHP 未找到,则使用默认值进行正则表达式分组
- android - 如何让我的凌空 GET 请求从非安全协议返回信息?
- javascript - 不同按钮的切换功能
- java - 我可以使用带有 label.setText 的 void 方法吗?
- angular - 无法扩展垫行
- command-line - WinSCP 命令行 - 使用 -rawtransfersettings 开关时命令“打开”的参数过多
- azure-devops - 让多阶段构建使用与触发构建相同的分支
- python - 如何创建简单的自定义热图?
- android - 离线 Mapbox 混乱