
救命,我感觉自己陷在用户身份验证这个坑里出不来了!!我一直在学习 M. Hartl 的 Rails 教程——我很年轻。我的身份验证测试无法通过。运行全部 rspec 测试后,我有 24 个错误。

让我在这里发布我的文件。对不起,他们很长!

第一次发帖!帕特里克

错误消息剪辑:

 Called from: /usr/local/rvm/gems/ruby-1.9.3-p194/gems/actionpack-3.2.8/lib/action_dispatch/middleware/session/abstract_store.rb
:28:in `initialize'.

Rack::File headers parameter replaces cache_control after Rack 1.5.
......................FFFFFFFFFFFFFFFFFFFFFFFF

Failures:

  1) Authentication signin page 
     Failure/Error: before { visit signin_path }
     ActionView::Template::Error:
       Cannot visit ActionDispatch::Cookies::CookieJar
     # ./app/helpers/sessions_helper.rb:17:in `current_user'
     # ./app/helpers/sessions_helper.rb:9:in `signed_in?'
     # ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
     # ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
     # ./spec/requests/authentication_pages_spec.rb:8:in `block (3 levels) in <top (required)>'

  2) Authentication signin page 
     Failure/Error: before { visit signin_path }
     ActionView::Template::Error:
       Cannot visit ActionDispatch::Cookies::CookieJar
     # ./app/helpers/sessions_helper.rb:17:in `current_user'
     # ./app/helpers/sessions_helper.rb:9:in `signed_in?'
     # ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
     # ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
     # ./spec/requests/authentication_pages_spec.rb:8:in `block (3 levels) in <top (required)>'

  3) Authentication signin with invalid information 
     Failure/Error: before { visit signin_path }
     ActionView::Template::Error:
       Cannot visit ActionDispatch::Cookies::CookieJar
     # ./app/helpers/sessions_helper.rb:17:in `current_user'
     # ./app/helpers/sessions_helper.rb:9:in `signed_in?'
     # ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
     # ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
.
.
.

Failed examples:

rspec ./spec/requests/authentication_pages_spec.rb:10 # Authentication signin page 
rspec ./spec/requests/authentication_pages_spec.rb:11 # Authentication signin page 
rspec ./spec/requests/authentication_pages_spec.rb:20 # Authentication signin with invalid information 
rspec ./spec/requests/authentication_pages_spec.rb:21 # Authentication signin with invalid information 
rspec ./spec/requests/authentication_pages_spec.rb:26 # Authentication signin with invalid information after visiting another page 
rspec ./spec/requests/authentication_pages_spec.rb:39 # Authentication signin with valid information 
rspec ./spec/requests/authentication_pages_spec.rb:40 # Authentication signin with valid information 
rspec ./spec/requests/authentication_pages_spec.rb:41 # Authentication signin with valid information 
rspec ./spec/requests/authentication_pages_spec.rb:42 # Authentication signin with valid information 
rspec ./spec/requests/static_pages_spec.rb:10 # Static pages Home page 
rspec ./spec/requests/static_pages_spec.rb:11 # Static pages Home page 
rspec ./spec/requests/static_pages_spec.rb:12 # Static pages Home page 
rspec ./spec/requests/static_pages_spec.rb:18 # Static pages Help page 
rspec ./spec/requests/static_pages_spec.rb:19 # Static pages Help page 
rspec ./spec/requests/static_pages_spec.rb:25 # Static pages About page 
rspec ./spec/requests/static_pages_spec.rb:26 # Static pages About page 
rspec ./spec/requests/static_pages_spec.rb:32 # Static pages Contact page 
rspec ./spec/requests/static_pages_spec.rb:33 # Static pages Contact page 
rspec ./spec/requests/user_pages_spec.rb:11 # User pages profile page 
rspec ./spec/requests/user_pages_spec.rb:12 # User pages profile page 
rspec ./spec/requests/user_pages_spec.rb:18 # User pages signup page 
rspec ./spec/requests/user_pages_spec.rb:19 # User pages signup page 
rspec ./spec/requests/user_pages_spec.rb:29 # User pages signup with invalid information should not create a user
rspec ./spec/requests/user_pages_spec.rb:43 # User pages signup with valid information should create a user

我的身份验证 Rspec:

require 'spec_helper'

# Request specs for the sign-in flow. Every example asserts against the
# rendered page, so the layout (and the session helpers it calls) is
# exercised on each visit.
describe "Authentication" do
  subject { page }

  # The sign-in form must render with the expected heading and title.
  describe "signin page" do
    before do
      visit signin_path
    end

    it { should have_selector('h1', text: 'Sign in') }
    it { should have_selector('title', text: full_title('Sign in')) }
  end

  describe "signin" do
    before do
      visit signin_path
    end

    # Submitting the empty form must re-render the form with an error
    # and must not sign anyone in.
    describe "with invalid information" do
      before do
        click_button "Sign in"
      end

      it { should have_selector('title', text: 'Sign in') }
      it { should have_selector('div.alert.alert-error', text: 'Invalid') }

      # The error flash must not survive a navigation to another page.
      describe "after visiting another page" do
        before do
          click_link "Home"
        end

        it { should_not have_selector('div.alert.alert-error') }
      end
    end

    # Valid credentials must land on the user's page and swap the
    # "Sign in" link for "Profile" / "Sign out".
    describe "with valid information" do
      let(:user) { FactoryGirl.create(:user) }

      before do
        fill_in "Email", with: user.email
        fill_in "Password", with: user.password
        click_button "Sign in"
      end

      it { should have_selector('title', text: user.name) }
      it { should have_link('Profile', href: user_path(user)) }
      it { should have_link('Sign out', href: signout_path) }
      it { should_not have_link('Sign in', href: signin_path) }
    end
  end
end

这是我的会话控制器

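# Handles sign-in and sign-out.
#
# Relies on sign_in / sign_out from SessionsHelper being available in
# controllers (create already calls sign_in, so the helper is presumably
# included by ApplicationController — confirm).
class SessionsController < ApplicationController
  # Renders the sign-in form (app/views/sessions/new.html.erb).
  def new
  end

  # Authenticates the submitted email/password pair.
  #
  # On success the user is signed in and redirected to their page. On any
  # failure the form is re-rendered with one generic message, so the
  # response does not reveal whether the email exists.
  def create
    # A request without a well-formed session[...] hash must end up in the
    # "invalid" branch instead of raising on nil[:email] / "str"[:email].
    credentials = params[:session]
    credentials = {} unless credentials.is_a?(Hash)

    user = User.find_by_email(credentials[:email])
    if user && user.authenticate(credentials[:password])
      sign_in user
      redirect_to user
    else
      # flash.now: the message belongs to this render only and must not
      # carry over to the next request.
      flash.now[:error] = 'Invalid email/password combination'
      render 'new'
    end
  end

  # Signs the current user out.
  #
  # The route DELETE /signout points here; without this body the action
  # left the remember-token cookie in place, so "Sign out" did not end
  # the session.
  def destroy
    sign_out
    redirect_to root_url
  end
end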

这是我的 Routes.rb

# Route table for the sample app: RESTful users and sessions, the static
# pages, and named shortcuts for sign-up / sign-in / sign-out.
SampleApp::Application.routes.draw do
  resources :users
  # Sessions expose only the three actions the controller defines.
  resources :sessions, only: [:new, :create, :destroy]

  root to: 'static_pages#home'

  # NOTE(review): these `match` routes carry no `via:` option, so they are
  # not restricted to a single HTTP verb. The targets look like read-only
  # pages; declaring them with `get` (or `via: :get`) would state that
  # intent explicitly — confirm before changing.
  match '/signup', to: 'users#new'
    match '/signin', to: 'sessions#new'
      # Sign-out changes state, so it is limited to DELETE requests.
      match '/signout', to: 'sessions#destroy', via: :delete


  match '/help', to: 'static_pages#help'
  match '/about', to: 'static_pages#about'
  match '/contact', to: 'static_pages#contact'
# (the dots below stand for routes the original post left out)
.
.
.
end

这里是 app/views/sessions/new.html.erb

<%# Sign-in page: sets the page title and renders the email/password form. %>
<% provide(:title, "Sign in") %>
<h1>Sign in</h1>

<div class="row">
  <div class="span6 offset3">
    <%# Fields are submitted as session[email] / session[password] to sessions_path, %>
    <%# which is what SessionsController#create reads from params[:session]. %>
    <%# NOTE(review): the CSRF token for this form depends on protect_from_forgery being enabled in ApplicationController, which is not shown here. Confirm. %>
    <%= form_for(:session, url: sessions_path) do |f| %>

      <%= f.label :email %>
      <%= f.text_field :email %>

      <%= f.label :password %>
      <%= f.password_field :password %>

      <%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
    <% end %>

    <p>New user? <%= link_to "Sign up now!", signup_path %></p>
  </div>
</div>

这是更正后的 Session 助手的文本:

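# Cookie-based "remember me" session helpers.
#
# The signed-in user is identified by a remember token stored in a
# long-lived cookie and looked up again on each request.
module SessionsHelper
  # Signs +user+ in: stores the user's remember token in a permanent
  # cookie and caches the user for the rest of this request.
  def sign_in(user)
    # HttpOnly keeps the long-lived token out of reach of page JavaScript.
    # Once the app is served over HTTPS only, also set `secure: true` so
    # the token is never sent over plain HTTP.
    cookies.permanent[:remember_token] = {
      value: user.remember_token,
      httponly: true
    }
    self.current_user = user
  end

  # True when a user is signed in for this request.
  def signed_in?
    !current_user.nil?
  end

  # Caches +user+ as the current user (nil clears the cache).
  def current_user=(user)
    @current_user = user
  end

  # Returns the signed-in user, or nil.
  #
  # The lookup runs only when the cookie actually carries a token. Without
  # this guard a visitor with no cookie triggers a query for a nil token,
  # which would match any user row whose remember_token is NULL (the User
  # model is not shown here, so whether such rows can exist is unverified).
  def current_user
    return @current_user if @current_user

    token = cookies[:remember_token]
    return nil if token.to_s.empty?

    @current_user = User.find_by_remember_token(token)
  end

  # Signs the user out: drops the cached user and deletes the cookie.
  # NOTE(review): the token stored for the user is left unchanged, so a
  # copy of the cookie captured earlier would still be accepted. Consider
  # rotating the token on sign-out.
  def sign_out
    self.current_user = nil
    cookies.delete(:remember_token)
  end
end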

1 回答 1


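好的,Meetup 上的一位朋友帮我解决了这个问题。在我的 Sessions Helper 中,读取 cookies 时需要用方括号 [] 而不是花括号 {}。(写成花括号时,Ruby 应该是把它当成了传给 cookies 的代码块,于是整个 CookieJar 对象被传给了查询方法,这与上面的 "Cannot visit ActionDispatch::Cookies::CookieJar" 错误相符。)感谢您的阅读!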

于 2013-05-08T15:45:50.157 回答