0

我有一些旧版 Rails 代码指定已验证:对于远程表单为 true。但据我所知,参数什么也没做。也许开发人员想要包含一个真实性令牌?

我进行了搜索,但没有找到有关此参数的文档。

<%= form_for @house, url: action_path, method: "PATCH", authenticated: true, remote: true, html: { id: 'house-edit-contact' } do |f| %>
    <%= f.label :website, 'website: ' %>
    <%= f.text_field :website %>
    <br>
    <%= f.label :phone, 'phone: ' %>
    <%= f.text_field :phone %>
    <br><br>
    <%= f.submit "Submit Changes" %>
  <% end %>

值得一提的是生成的 HTML,但我在其中看不到任何与身份验证相关的内容:

<form class="edit_house" id="house-edit-contact" action="/houses/7112?field=contact-info&amp;placement=contact_info" accept-charset="UTF-8" data-remote="true" method="post">
  <input name="utf8" type="hidden" value="✓">
  <input type="hidden" name="_method" value="patch">
  <br>
  <label for="house_website">website: </label>
  <input type="text" value="portofhopecenters.org" name="house[website]" id="house_website">
  <br>
  <label for="house_phone">phone: </label>
  <input type="text" value="208-463-0118" name="house[phone]" id="house_phone">
  <br><br>
  <input type="submit" name="commit" value="Submit Changes" data-disable-with="Submit Changes">
</form>
4

1 回答 1

0

You can do

<%= form_for @house, url:(action_path, authenticated: true), method: "PATCH", remote: true, html: { id: 'house-edit-contact' } do |f| %>
    <%= f.label :website, 'website: ' %>
    <%= f.text_field :website %>
    <br>
    <%= f.label :phone, 'phone: ' %>
    <%= f.text_field :phone %>
    <br><br>
    <%= f.submit "Submit Changes" %>
  <% end %>

but as you are using devise you need not pass it from the view you can simply control from the before_action: authenticate_user!, only: [:update] in the controller itself.

于 2019-06-10T04:28:59.580 回答