Ruby on rails 测试rails API以注册Desive。错误:";缺失';确认成功url';参数;
我正在尝试在我的应用程序中使用和进行身份验证 我正在覆盖注册控制器,如下所示:Ruby on rails 测试rails API以注册Desive。错误:";缺失';确认成功url';参数;,ruby-on-rails,ruby,ruby-on-rails-4,authentication,devise,Ruby On Rails,Ruby,Ruby On Rails 4,Authentication,Devise,我正在尝试在我的应用程序中使用和进行身份验证 我正在覆盖注册控制器,如下所示: module Overrides class RegistrationsController < DeviseTokenAuth::RegistrationsController ## I am doing these to go around the `Can't verify CSRF token authenticity` Error. # skip_before_action :v
module Overrides
class RegistrationsController < DeviseTokenAuth::RegistrationsController
## I am doing these to go around the `Can't verify CSRF token authenticity` Error.
# skip_before_action :valid_authenticity_token, only: :create
protect_from_forgery :except => :create
def sign_up_params
params.require(:user).permit(:email, :password, :password_confirmation, :name, :nickname)
end
end
end
swagger_api :create do
summary "Sign up a new user"
param :form, "user[email]", :string, :required, "Email of the new user"
param :form, "user[password]", :string, :required, "Password of the new user"
param :form, "user[password_confirmation]", :string, :required, "Retype Password of the new user"
param :form, "user[name]", :string, :optional, "Name of the new user"
param :form, "user[nickname]", :string, :optional, "Nick-Name of the new user"
response :not_acceptable
response :success
end
Processing by Overrides::RegistrationsController#create as JSON
Parameters: {"user"=>{"email"=>"sadf@fsd.fgs", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "name"=>"rgefsrfgrfdfsd", "nickname"=>"rgefsrfgrfdfsd"}}
这将在我的终端上生成如下参数:
module Overrides
class RegistrationsController < DeviseTokenAuth::RegistrationsController
## I am doing these to go around the `Can't verify CSRF token authenticity` Error.
# skip_before_action :valid_authenticity_token, only: :create
protect_from_forgery :except => :create
def sign_up_params
params.require(:user).permit(:email, :password, :password_confirmation, :name, :nickname)
end
end
end
swagger_api :create do
summary "Sign up a new user"
param :form, "user[email]", :string, :required, "Email of the new user"
param :form, "user[password]", :string, :required, "Password of the new user"
param :form, "user[password_confirmation]", :string, :required, "Retype Password of the new user"
param :form, "user[name]", :string, :optional, "Name of the new user"
param :form, "user[nickname]", :string, :optional, "Nick-Name of the new user"
response :not_acceptable
response :success
end
Processing by Overrides::RegistrationsController#create as JSON
Parameters: {"user"=>{"email"=>"sadf@fsd.fgs", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "name"=>"rgefsrfgrfdfsd", "nickname"=>"rgefsrfgrfdfsd"}}
然而,这个请求从来没有击中我的模型(更不用说创建新用户了)。但是,在页面上,我有以下错误:
在终端上,一个在93ms内完成了403禁止(视图:0.3ms |活动记录:0.0ms)
我怎样才能着手解决这个问题?谢谢
更新:
#route.rb:
namespace :api do
namespace :v1 do
mount_devise_token_auth_for 'User', at: 'auth', controllers: {
confirmations: 'overrides/confirmations',
passwords: 'overrides/passwords',
registrations: 'overrides/registrations',
sessions: 'overrides/sessions',
}
...
end
end
#Countroller:
class ApiController < ApplicationController
include DeviseTokenAuth::Concerns::SetUserByToken
protect_from_forgery with: :null_session
end
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
protect_from_forgery with: :null_session, if: Proc.new { |c| c.request.format == 'application/json' }
end
#user.rb:
class User < ActiveRecord::Base
# Include default devise modules.
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:confirmable, :omniauthable
include DeviseTokenAuth::Concerns::User
#route.rb:
名称空间:api do
名称空间:v1 do
在“auth”处为“用户”安装\u设计\u令牌\u验证\u控制器:{
确认:“覆盖/确认”,
密码:“覆盖/密码”,
注册:“覆盖/注册”,
会话:“覆盖/会话”,
}
...
结束
结束
#计数轮:
类ApiController<应用程序控制器
包括DevisionTokenAuth::关注点::SetUserByToken
使用::null\u会话防止\u伪造
结束
类ApplicationController
使用确认成功\u url
参数支持多个客户端应用程序。如果不需要param,那么在电子邮件确认后,API无法知道重定向到哪里
但是对于您的design\u token\u auth
,您的应用程序\u controller.rb应该是:
protect_from_forgery with: :null_session
include DeviseTokenAuth::Concerns::SetUserByToken
在您的路线中。rb
mount\u designe\u token\u auth\u用于“用户”,位于:“auth”
删除user.rb中的confirmable
标记,使其如下所示
devise :database_authenticatable, :recoverable,
:trackable, :validatable, :registerable,
:omniauthable
include DeviseTokenAuth::Concerns::User
作为对任何可能发现这个的人的提醒,如果你有
include DeviseTokenAuth::Concerns::User
在user.rb
中的design
部分之前,design\u token\u auth将为您提供身份验证,其中包括列表中的confirmable
(可能会产生上述错误)。只需在设计部分之后移动模块include,它就会工作
这不是OP的问题,而是我如何来到这里的。解决方案只是在config/initializer/designe\u token\u auth.rb中设置默认URL:
DeviseTokenAuth.setup do |config|
config.default_confirm_success_url = "confirmed"
end
共享您的路线
和完整的应用程序_controller.rb
如果相关问题未解决,哦,是的,我在各自的位置有上述两个。但是你是说假设这是从一个真实的客户端(比如一个手机应用程序)消费的,那么这个确认\u成功\u url
就不会是问题了吗?@请更新你的应用程序\u controller.rb和routes.rb,这样我就可以看到更多信息。在这个问题中,我就是这么做的。请检查以上内容。谢谢是的,我也有。我已将其添加到问题帖子中。请查收#叹气出于与回答中相同的原因,有关更多详细信息,请查看Desive Docs,这对我帮助很大,谢谢。不确定发电机为什么自带设备模块。。