Rails 本地 RubyChina Devise 登录失败

michael_roshen · 2014年11月28日 · 最后由 yangman_wenzhu 回复于 2015年10月14日 · 3020 次阅读

昨天在项目中突然发现 rails4 中 devise 登录跳转到首页的时候,用户并没有登录成功,current_user 为 nil, 也没有任何报错信息

之前 clone 了 rubychina 的代码,之前在本地运行正常,想看一下 rubychina 是如何处理的,但是发现 rubychina 也登录不上去了 而且还有错误信息:(之前还是可以用的,难道是我的环境问题吗?gem 'rails', '4.2.0.beta2' + devise (3.4.0))

Can't verify CSRF token authenticity
Unpermitted parameters: login, remember_me

查看了 rubyChina 的代码,login, remember_me 也确实没有加入到 Strongparameters 中

application_controller.rb:

if devise_controller?
   devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(*User::ACCESSABLE_ATTRS) }
   devise_parameter_sanitizer.for(:account_update) { |u| u.permit(*User::ACCESSABLE_ATTRS) }
   devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(*User::ACCESSABLE_ATTRS) }
 end

user.rb:

ACCESSABLE_ATTRS = 
[:name, :email_public, :location, :company, :bio, :website, :github, 
:twitter, :tagline, :avatar, :by, :current_password, :password, :password_confirmation
]

下面是我的测试代码:

详细代码: gemfile:

# 用户系统 
gem 'devise', '~> 3.4.0'
gem 'devise-encryptable', '0.1.2'
# Use ActiveModel has_secure_password
# gem 'bcrypt', '~> 3.1.7'

# Mongoid 辅助插件
gem 'mongoid', '4.0.0'
gem 'mongoid_auto_increment_id', '0.6.4'
gem 'mongoid_rails_migrations', '1.0.0'

ApplicationController:

class ApplicationController < ActionController::Base

  protect_from_forgery with: :exception

  before_action :authenticate_user!, :except => [:index] 

  skip_before_filter :verify_authenticity_token

  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected
  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:email, :password, :remember_me) }
    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation) }
    devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:email, :password, :password_confirmation, :current_password ) }
  end
end

routes:

root to: "home#index"
devise_for :users

sign_in log:

Started POST "/users/sign_in" for ::1 at 2014-11-28 10:20:34 +0800
Processing by Devise::SessionsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"AU9pxSUqAJagMNxqB/ixCxOwK/J2ywXhCQEwgWTvtBxoDSEi6MD7Uj8q147iHzAvOoA3COqQssOTTYcr9niOJoLw==", "user"=>{"email"=>"test@163.com", "password"=>"[FILTERED]", "remember_me"=>"1"}, "commit"=>"Log in"}
  MOPED: 127.0.0.1:27017 COMMAND      database=admin command={:ismaster=>1} runtime: 1.1180ms
  MOPED: 127.0.0.1:27017 QUERY        database=test_devise_rails4_development collection=users selector={"$query"=>{"email"=>"test@163.com"}, "$orderby"=>{:_id=>1}} flags=[] limit=-1 skip=0 batch_size=nil fields=nil runtime: 1.2660ms
  MOPED: 127.0.0.1:27017 UPDATE       database=test_devise_rails4_development collection=users selector={"_id"=>1} update={"$set"=>{"remember_created_at"=>2014-11-28 02:20:35 UTC}} flags=[]
                         COMMAND      database=test_devise_rails4_development command={:getlasterror=>1, :w=>1} runtime: 1.5890ms
  MOPED: 127.0.0.1:27017 UPDATE       database=test_devise_rails4_development collection=users selector={"_id"=>1} update={"$set"=>{"last_sign_in_at"=>2014-11-28 02:19:45 UTC, "current_sign_in_at"=>2014-11-28 02:20:35 UTC, "sign_in_count"=>15}} flags=[]
                         COMMAND      database=test_devise_rails4_development command={:getlasterror=>1, :w=>1} runtime: 1.3860ms
Redirected to http://localhost:3000/
Completed 302 Found in 131ms (ActiveRecord: 0.0ms)
::1 - - [28/Nov/2014:10:20:35 +0800] "POST /users/sign_in HTTP/1.1" 302 - 0.3751

请问这个问题你解决了么? 我也遇到同样问题了?

需要 登录 后方可回复, 如果你还没有账号请点击这里 注册