救命,我感觉自己陷在用户身份验证这个坑里出不来了!!我一直在学习 M. Hartl 的 Rails 教程——我很年轻。我的身份验证测试无法通过。运行全部 rspec 测试时,我有 24 个失败。
让我在这里贴出我的文件。对不起,它们很长!
第一次发帖!帕特里克
错误消息节选:
Called from: /usr/local/rvm/gems/ruby-1.9.3-p194/gems/actionpack-3.2.8/lib/action_dispatch/middleware/session/abstract_store.rb
:28:in `initialize'.
Rack::File headers parameter replaces cache_control after Rack 1.5.
......................FFFFFFFFFFFFFFFFFFFFFFFF
Failures:
1) Authentication signin page
Failure/Error: before { visit signin_path }
ActionView::Template::Error:
Cannot visit ActionDispatch::Cookies::CookieJar
# ./app/helpers/sessions_helper.rb:17:in `current_user'
# ./app/helpers/sessions_helper.rb:9:in `signed_in?'
# ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
# ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
# ./spec/requests/authentication_pages_spec.rb:8:in `block (3 levels) in <top (required)>'
2) Authentication signin page
Failure/Error: before { visit signin_path }
ActionView::Template::Error:
Cannot visit ActionDispatch::Cookies::CookieJar
# ./app/helpers/sessions_helper.rb:17:in `current_user'
# ./app/helpers/sessions_helper.rb:9:in `signed_in?'
# ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
# ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
# ./spec/requests/authentication_pages_spec.rb:8:in `block (3 levels) in <top (required)>'
3) Authentication signin with invalid information
Failure/Error: before { visit signin_path }
ActionView::Template::Error:
Cannot visit ActionDispatch::Cookies::CookieJar
# ./app/helpers/sessions_helper.rb:17:in `current_user'
# ./app/helpers/sessions_helper.rb:9:in `signed_in?'
# ./app/views/layouts/_header.html.erb:9:in `_app_views_layouts__header_html_erb__123903852617126607_2175273320'
# ./app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__491350308634062831_2175693140'
.
.
.
Failed examples:
rspec ./spec/requests/authentication_pages_spec.rb:10 # Authentication signin page
rspec ./spec/requests/authentication_pages_spec.rb:11 # Authentication signin page
rspec ./spec/requests/authentication_pages_spec.rb:20 # Authentication signin with invalid information
rspec ./spec/requests/authentication_pages_spec.rb:21 # Authentication signin with invalid information
rspec ./spec/requests/authentication_pages_spec.rb:26 # Authentication signin with invalid information after visiting another page
rspec ./spec/requests/authentication_pages_spec.rb:39 # Authentication signin with valid information
rspec ./spec/requests/authentication_pages_spec.rb:40 # Authentication signin with valid information
rspec ./spec/requests/authentication_pages_spec.rb:41 # Authentication signin with valid information
rspec ./spec/requests/authentication_pages_spec.rb:42 # Authentication signin with valid information
rspec ./spec/requests/static_pages_spec.rb:10 # Static pages Home page
rspec ./spec/requests/static_pages_spec.rb:11 # Static pages Home page
rspec ./spec/requests/static_pages_spec.rb:12 # Static pages Home page
rspec ./spec/requests/static_pages_spec.rb:18 # Static pages Help page
rspec ./spec/requests/static_pages_spec.rb:19 # Static pages Help page
rspec ./spec/requests/static_pages_spec.rb:25 # Static pages About page
rspec ./spec/requests/static_pages_spec.rb:26 # Static pages About page
rspec ./spec/requests/static_pages_spec.rb:32 # Static pages Contact page
rspec ./spec/requests/static_pages_spec.rb:33 # Static pages Contact page
rspec ./spec/requests/user_pages_spec.rb:11 # User pages profile page
rspec ./spec/requests/user_pages_spec.rb:12 # User pages profile page
rspec ./spec/requests/user_pages_spec.rb:18 # User pages signup page
rspec ./spec/requests/user_pages_spec.rb:19 # User pages signup page
rspec ./spec/requests/user_pages_spec.rb:29 # User pages signup with invalid information should not create a user
rspec ./spec/requests/user_pages_spec.rb:43 # User pages signup with valid information should create a user
我的身份验证 Rspec:
require 'spec_helper'
# Request specs for the sign-in flow. Each example drives the app through
# Capybara and asserts against the rendered page.
describe "Authentication" do
  # Makes `page` the implicit subject of every one-line `it { should ... }`.
  subject { page }

  # The sign-in form itself must render with the expected heading and title.
  describe "signin page" do
    before { visit signin_path }
    it { should have_selector('h1', text: 'Sign in') }
    it { should have_selector('title', text: full_title('Sign in')) }
  end

  describe "signin" do
    before { visit signin_path }

    # Submitting the empty form must re-render the sign-in page with an error.
    describe "with invalid information" do
      before { click_button "Sign in" }
      it { should have_selector('title', text: 'Sign in') }
      # Only the generic word 'Invalid' is matched; the message under test
      # does not say which of the two fields was wrong.
      it { should have_selector('div.alert.alert-error', text: 'Invalid') }

      # The error must not survive a navigation to another page.
      describe "after visiting another page" do
        before { click_link "Home" }
        it { should_not have_selector('div.alert.alert-error') }
      end
    end

    # A real user signing in must land on a page showing the signed-in links.
    describe "with valid information" do
      # Persists a user built from the :user factory (defined outside this file).
      let(:user) { FactoryGirl.create(:user) }
      before do
        fill_in "Email", with: user.email
        # presumably the factory keeps the plaintext password on the object -- confirm
        fill_in "Password", with: user.password
        click_button "Sign in"
      end
      it { should have_selector('title', text: user.name) }
      it { should have_link('Profile', href: user_path(user)) }
      it { should have_link('Sign out', href: signout_path) }
      it { should_not have_link('Sign in', href: signin_path)}
      # NOTE(review): no example here clicks "Sign out" and checks that the
      # "Sign in" link comes back, so ending a session is untested in this file.
    end
  end
end
这是我的会话控制器
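# Handles sign-in and sign-out.
#
# sign_in and sign_out come from SessionsHelper, which is expected to be mixed
# in through ApplicationController (not shown here).
class SessionsController < ApplicationController
  # Renders the sign-in form; nothing to prepare.
  def new
  end

  # Verifies the submitted email/password pair and starts a session.
  #
  # The form nests its fields under params[:session]. That key is checked
  # before use so a request that omits it, or sends a scalar in its place,
  # gets the normal "invalid" page instead of an unhandled exception.
  def create
    credentials = params[:session]
    credentials = {} unless credentials.is_a?(Hash)

    # Coerce to strings so a missing or structured parameter can never reach
    # the finder as nil (an IS NULL lookup) or as a nested hash.
    user = User.find_by_email(credentials[:email].to_s)
    if user && user.authenticate(credentials[:password].to_s)
      sign_in user
      redirect_to user
    else
      # One message for both failure causes: it does not reveal whether the
      # email address belongs to an account.
      flash.now[:error] = 'Invalid email/password combination'
      render 'new'
    end
  end

  # Ends the session. The action used to be empty, so a request to the
  # sign-out route left the remember-token cookie in place and the visitor
  # stayed signed in.
  def destroy
    sign_out
    redirect_to root_url
  end
end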
这是我的 Routes.rb
# Route table for the sample app. This is an excerpt: the dots near the end
# stand for routes the original post left out.
SampleApp::Application.routes.draw do
  resources :users
  # Sessions expose only the three actions the sign-in flow uses.
  resources :sessions, only: [:new, :create, :destroy]
  root to: 'static_pages#home'
  # NOTE(review): `match` without `via:` does not restrict the HTTP verb, so
  # these page routes also answer non-GET requests. Consider `via: :get` on
  # each of them -- confirm against the Rails version in use.
  match '/signup', to: 'users#new'
  match '/signin', to: 'sessions#new'
  # Sign-out is reachable only with DELETE; a plain GET to /signout does not
  # match this route.
  match '/signout', to: 'sessions#destroy', via: :delete
  match '/help', to: 'static_pages#help'
  match '/about', to: 'static_pages#about'
  match '/contact', to: 'static_pages#contact'
  .
  .
  .
end
这里是 app/views/sessions/new.html.erb
<%# Sign-in page: a two-field form submitted to the sessions collection route. %>
<% provide(:title, "Sign in") %>
<h1>Sign in</h1>
<div class="row">
  <div class="span6 offset3">
    <%# form_for(:session, ...) nests the fields under params[:session], %>
    <%# which is the key SessionsController#create reads. %>
    <%# NOTE(review): form_for normally adds the CSRF authenticity token; %>
    <%# confirm protect_from_forgery is enabled in ApplicationController (not shown). %>
    <%= form_for(:session, url: sessions_path) do |f| %>
      <%= f.label :email %>
      <%= f.text_field :email %>
      <%= f.label :password %>
      <%# password_field renders a masked input; the value still travels in the %>
      <%# request body, so this page is presumably meant to be served over HTTPS -- confirm. %>
      <%= f.password_field :password %>
      <%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
    <% end %>
    <p>New user? <%= link_to "Sign up now!", signup_path %></p>
  </div>
</div>
这是更正后的 SessionsHelper(会话辅助模块)的代码:
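# Cookie-based "remember me" session helpers.
#
# The remember token stored in the browser cookie is the only thing that
# identifies a signed-in visitor, so it is handled as a credential throughout.
module SessionsHelper
  # Signs +user+ in: stores the remember token in a long-lived cookie and
  # caches the user for the rest of this request.
  #
  # The cookie is flagged HttpOnly so page scripts cannot read the token.
  # NOTE(review): also set `secure: true` once the app is served only over
  # HTTPS -- the TLS setup is not visible from this file.
  def sign_in(user)
    cookies.permanent[:remember_token] = {
      value:    user.remember_token,
      httponly: true
    }
    self.current_user = user
  end

  # True when the request belongs to a signed-in user.
  def signed_in?
    !current_user.nil?
  end

  # Caches +user+ as the current user for this request.
  def current_user=(user)
    @current_user = user
  end

  # Returns the user matching the remember-token cookie, or nil.
  #
  # The finder must receive the token string (cookies[:remember_token]), not
  # the cookie jar itself. A request without the cookie returns nil before any
  # lookup: otherwise the finder would be called with nil and could match a
  # user row whose remember_token column is NULL.
  def current_user
    return @current_user if @current_user

    token = cookies[:remember_token].to_s
    return nil if token.empty?

    @current_user = User.find_by_remember_token(token)
  end

  # Signs the visitor out by clearing the cached user and deleting the cookie.
  #
  # NOTE(review): nothing here changes the token stored on the user record, so
  # a copy of the old cookie value would presumably still authenticate;
  # consider rotating the token on sign-out.
  def sign_out
    self.current_user = nil
    cookies.delete(:remember_token)
  end
end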