登录后,用户被重定向到受 authenticate_user 保护的控制器!:
before_filter :authenticate_user!
在 Rails 3.2.8 中,这不会进行身份验证并返回“已完成 401 未授权”。
但是,它适用于 Rails 3.2.7,但前提是我将 account_id 添加到表单 (HAML)
= f.hidden_field :account_id, :value => @account.id
添加该隐藏字段后,我在日志中看到此查询:
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."email" = 'email@gmail.com' AND "users"."account_id" = 41 LIMIT 1
但是,当我删除 account_id 隐藏字段时,不会执行对用户的查询,并且日志显示相同的“已完成 401 未授权”消息。
它在 Rails 3.2.8 中不起作用,无论有无 account_id。
我正在使用最新的设计 (2.1.2)
这个问题困扰了我很长时间,所以非常感谢任何帮助。
编辑:
我的 routes.rb 中有这个:
devise_for :users, :controllers => { :passwords => "passwords", :sessions => "sessions", :omniauth_callbacks => "users/omniauth_callbacks" }
和我的初始化程序/devise.rb:
Devise.setup do |config|
# ==> Mailer Configuration
# Configure the e-mail address which will be shown in DeviseMailer.
config.mailer_sender = "info@mydomain.com"
# Configure the class responsible to send e-mails.
# config.mailer = "Devise::Mailer"
# ==> ORM configuration
# Load and configure the ORM. Supports :active_record (default) and
# :mongoid (bson_ext recommended) by default. Other ORMs may be
# available as additional gems.
require 'devise/orm/active_record'
# omniauth stuff
require "omniauth-facebook"
require 'openid/store/filesystem'
config.omniauth :facebook, "#key", "#secret"
config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'), :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id', :require => 'omniauth-openid'
# ==> Configuration for any authentication mechanism
# Configure which keys are used when authenticating a user. The default is
# just :email. You can configure it to use [:username, :subdomain], so for
# authenticating a user, both parameters are required. Remember that those
# parameters are used only when authenticating and not when retrieving from
# session. If you need permissions, you should implement that in a before filter.
# You can also supply a hash where the value is a boolean determining whether
# or not authentication should be aborted when the value is not present.
config.authentication_keys = [ :email, :account_id ]
# Configure which authentication keys should be case-insensitive.
# These keys will be downcased upon creating or modifying a user and when used
# to authenticate or find a user. Default is :email.
config.case_insensitive_keys = [ :email ]
# Configure which authentication keys should have whitespace stripped.
# These keys will have whitespace before and after removed upon creating or
# modifying a user and when used to authenticate or find a user. Default is :email.
config.strip_whitespace_keys = [ :email ]
config.stretches = 10
config.reset_password_within = 2.hours
config.navigational_formats = [:"*/*", "*/*", :html, :mobile]
config.sign_out_via = :delete
end