Ruby on rails 4 RubyonRails登录系统和注册页面问题
Ruby on Rails应用程序。问题是在登录系统中添加了一个注册页,该系统目前只支持登录和注销。注册页总是出现类似“此网页有重定向循环”的错误 这是我的会话控制器Ruby on rails 4 RubyonRails登录系统和注册页面问题,ruby-on-rails-4,Ruby On Rails 4,Ruby on Rails应用程序。问题是在登录系统中添加了一个注册页,该系统目前只支持登录和注销。注册页总是出现类似“此网页有重定向循环”的错误 这是我的会话控制器 class SessionsController < ApplicationController skip_before_action :ensure_login, only:[:new ,:create] skip_around_action :ensure
class SessionsController < ApplicationController
skip_before_action :ensure_login, only:[:new ,:create]
skip_around_action :ensure_signup, only:[:new , :create]
def new
#Login Paage -- New.Html.erb
end
def create
user = User.find_by(username: params[:user][:username])
password = params[:user][:password]
if user && user.authenticate(password)
session[:user_id] = user.id
redirect_to root_path, notice:"Logged in successfully"
else
redirect_to login_path, alert:"Invalid username/password combination"
end
end
def destroy
reset_session #wipe out session and everything in it
redirect_to login_path, notice:"You Have been logged out"
end
end
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :ensure_login
before_action :ensure_signup
helper_method :logged_in?, :current_user
protected
def ensure_signup
redirect_to(signup_url)
end
def ensure_login
redirect_to login_path unless session[:user_id]
end
def logged_in?
session[:user_id] # nil is false
end
def current_user
@current_user ||= User.find(session[:user_id])
end
end
class sessioncontroller class SessionsController < ApplicationController
skip_before_action :ensure_login, only:[:new ,:create]
skip_around_action :ensure_signup, only:[:new , :create]
def new
#Login Paage -- New.Html.erb
end
def create
user = User.find_by(username: params[:user][:username])
password = params[:user][:password]
if user && user.authenticate(password)
session[:user_id] = user.id
redirect_to root_path, notice:"Logged in successfully"
else
redirect_to login_path, alert:"Invalid username/password combination"
end
end
def destroy
reset_session #wipe out session and everything in it
redirect_to login_path, notice:"You Have been logged out"
end
end
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :ensure_login
before_action :ensure_signup
helper_method :logged_in?, :current_user
protected
def ensure_signup
redirect_to(signup_url)
end
def ensure_login
redirect_to login_path unless session[:user_id]
end
def logged_in?
session[:user_id] # nil is false
end
def current_user
@current_user ||= User.find(session[:user_id])
end
end
class ApplicationController有什么想法吗?8个月前,当我第一次开始学习ruby on rails时,我就遇到了这个问题,如果有人构建了自己的登录系统,我建议使用Desive,因为gem中有很多强大的功能 我在users controller中使用skip_before_操作来解决此问题,因为应用程序控制器中的Sure_login方法在用户未登录时锁定整个应用程序,如下所示
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :ensure_login
helper_method :logged_in?, :current_user
protected
def ensure_login
redirect_to login_path unless session[:user_id]
end
def logged_in?
session[:user_id] # nil is false
end
def current_user
@current_user ||= User.find(session[:user_id])
end
class ApplicationController class UsersController < ApplicationController
skip_before_action :ensure_login ,only:[:new ,:create] #using this helper here allows for the creation of new users.
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
flash[:notice] = "User has been created."
redirect_to root_path #which may be login page in my case because ensure_login
else
flash.now[:alert] = "User has not been created."
render "new"
end
end
private
def user_params
params.require(:user).permit(:email, :password )
end
end
class UsersControllerclass ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_action :ensure_login
helper_method :logged_in?, :current_user
protected
def ensure_login
redirect_to login_path unless session[:user_id]
end
def logged_in?
session[:user_id] # nil is false
end
def current_user
@current_user ||= User.find(session[:user_id])
end
class ApplicationController class UsersController < ApplicationController
skip_before_action :ensure_login ,only:[:new ,:create] #using this helper here allows for the creation of new users.
def new
@user = User.new
end
def create
@user = User.new(user_params)
if @user.save
flash[:notice] = "User has been created."
redirect_to root_path #which may be login page in my case because ensure_login
else
flash.now[:alert] = "User has not been created."
render "new"
end
end
private
def user_params
params.require(:user).permit(:email, :password )
end
end
class UsersController