Ruby on rails 4 DeviceTokenAuth控制器的强参数覆盖
我在Rails 4.2上使用gem,并且我在Ruby on rails 4 DeviceTokenAuth控制器的强参数覆盖,ruby-on-rails-4,devise,ruby-on-rails-4.2,http-token-authentication,Ruby On Rails 4,Devise,Ruby On Rails 4.2,Http Token Authentication,我在Rails 4.2上使用gem,并且我在用户模型中添加了一个字段昵称。我试图通过覆盖gem控制器来实现这一点 class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController before_filter :configure_permitted_parameters def update #this line never shows in the logs Rail
用户
模型中添加了一个字段昵称
。我试图通过覆盖gem控制器来实现这一点
class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController
before_filter :configure_permitted_parameters
def update
#this line never shows in the logs
Rails.logger.info "I never get to run!!"
super
end
protected
# my new custom field is :nickname
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:name, :nickname,
:email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name,
:email, :password, :password_confirmation, :nickname)
end
end
end
他们似乎是对的:
PATCH /api/auth(.:format) users/registrations#update {:format=>"json"}
PUT /api/auth(.:format) users/registrations#update {:format=>"json"}
然后我尝试从curl
curl -X PUT --dump-header headers_update -H "Access-Token: 2FHhLQFtIgDfSqsTaaCH_g" -H "Uid: sample5@example.com" -H "Client: -RUtwnCfgqvqwDjYPtajQA" -H "Token-Type: Bearer" -H "Expiry: 1447713314" http://api.local.dev:3000/api/auth -d "{ \"nickname\":\"somestuff\"}"
但是更新调用永远无法运行。这是在请求后显示服务器的内容:
I, [2015-11-02T18:05:38.131091 #7940] INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.131222 #7940] INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.147209 #7940] INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147383 #7940] INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147490 #7940] INFO -- : Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
I, [2015-11-02T18:05:38.147571 #7940] INFO -- : Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
D, [2015-11-02T18:05:38.152778 #7940] DEBUG -- : User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1 [["uid", "sample5@example.com"]]
D, [2015-11-02T18:05:38.152934 #7940] DEBUG -- : User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1 [["uid", "sample5@example.com"]]
D, [2015-11-02T18:05:38.224790 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
D, [2015-11-02T18:05:38.225023 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
I, [2015-11-02T18:05:38.237415 #7940] INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237565 #7940] INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237741 #7940] INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)
I, [2015-11-02T18:05:38.237860 #7940] INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)
对curl
的json回复是:
{"status":"error","errors":["Please submit proper account update data in request"]}
以下是我的Gemfile
source 'https://rubygems.org'
gem 'rails', '4.2.1'
gem 'rails-api'
gem 'pg'
gem 'activerecord-postgis-adapter'
gem 'rgeo'
gem 'devise'
gem 'devise_token_auth', ">= 0.1.32.beta9" # Token based authentication for Rails JSON APIs
gem 'omniauth' # required for devise_token_auth
group :development, :test do
gem 'pry-byebug', '=1.3.3'
gem 'pry-stack_explorer'
gem 'pry-rails'
gem 'pry-remote'
# Access an IRB console on exception pages or by using <%= console %> in views
gem 'web-console', '~> 2.0'
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
gem 'spring'
gem "rspec-rails", "~> 3.3"
end
group :test do
#gem "shoulda-matchers"
gem "factory_girl_rails"
gem 'ffaker'
end
源代码'https://rubygems.org'
gem“rails”、“4.2.1”
gem'railsapi'
宝石“pg”
gem“activerecord postgis适配器”
宝石'rgeo'
宝石“设计”
gem'designe_token_auth',“>=0.1.32.beta9”#针对Rails JSON API的基于令牌的身份验证
gem“omniauth”#设计令牌认证所需
小组:开发,:测试
gem‘撬动byebug’,’=1.3.3'
gem“pry-stack_explorer”
宝石“撬轨”
宝石“撬动遥控器”
#在异常页面上或通过在视图中使用访问IRB控制台
gem“web控制台”,“~>2.0”
#Spring通过让应用程序在后台运行来加速开发。阅读更多:https://github.com/rails/spring
宝石“春天”
gem“rspec导轨”,“~>3.3”
结束
组:测试do
#宝石“应该是匹配者”
宝石“工厂女孩轨道”
宝石“法克尔”
结束
您可以通过执行以下操作覆盖设备注册控制器:
class RegistrationsController < Devise::RegistrationsController
private
def sign_up_params
params.require(:user).permit(:name, :nickname, :email, :password, :password_confirmation)
end
def account_update_params
params.require(:user).permit(:name, :nickname, :email, :password, :password_confirmation, :current_password)
end
end
这对我有用
设计令牌身份验证gem
app/controllers/users/registrations\u controller.rb
:
def注册参数
许可证(:姓名,:电子邮件,:密码,:密码\u确认)
结束
class RegistrationsController < Devise::RegistrationsController
private
def sign_up_params
params.require(:user).permit(:name, :nickname, :email, :password, :password_confirmation)
end
def account_update_params
params.require(:user).permit(:name, :nickname, :email, :password, :password_confirmation, :current_password)
end
end
devise_for :users, :controllers => { registrations: 'registrations' }
class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController
end
def sign_up_params
params.require(:registration).permit(:name, :nick, :email, :password, :password_confirmation)
end