具有多个Devise模型的可操作电缆身份验证 [英] Actioncable authentication with multiple Devise models

问题描述

我目前正在实现我的两个Devise模型之间的聊天。 客户端和专业版。目前它运行良好，但我只有一个渠道：每个客户或专业人士都收到来自所有客户和所有专业人员的所有消息。显示效果很好，但是观看他们的AJAX流的人可以看到所有不适合他们的私人消息。

I am currently implementing a chat between 2 of my Devise models. Client and Professionnel. It is working just fine at the moment but I have only one channel: every Client or Professionnel receive all messages from all clients and all professionals. The displaying is fine but someone who watches their AJAX flow can see every private message that is not meant for them..

根据此线程> http://www.thegreatcodeadventure.com/rails-5-action-cable- with-multiple-chatroom-subscriptions / 这称为单一责任原则

所以我正在尝试创建子流为了向正确的用户广播。

So I am trying to create "sub streams" in order to broadcast to the right users.

我的第一步是通过Devise进行身份验证。我使用的是经典版本：

My first step is authing with Devise. I am using the classic :

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
        self.current_user = find_verified_user
        logger.add_tags 'ActionCable', current_user.email       
    end

    protected

    def find_verified_user
        if verified_user = env['warden'].user
          verified_user
        else
          reject_unauthorized_connection
        end
    end

  end
end

这就是问题所在：当客户端登录时，Actioncable没有创建连接：

And this is where the problem arises: when a Client is logged in, Actioncable is not creating a connection:

Started GET "/cable" for 127.0.0.1 at 2018-04-16 22:30:28 +0200
Started GET "/cable/" [WebSocket] for 127.0.0.1 at 2018-04-16 22:30:28 +0200
Successfully upgraded to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: keep-alive, Upgrade, HTTP_UPGRADE: websocket)
An unauthorized connection attempt was rejected

但是当Professionel登录后，一切正常：

But when a Professionel logs in everything is ok :

Successfully upgraded to WebSocket (REQUEST_METHOD: GET, HTTP_CONNECTION: keep-alive, Upgrade, HTTP_UPGRADE: websocket)
  Professionnel Load (0.4ms)  SELECT  "professionnels".* FROM "professionnels" WHERE "professionnels"."id" = $1 ORDER BY "professionnels"."id" ASC LIMIT $2  [["id", 1], ["LIMIT", 1]]
[ActionCable] [dummy@gmail.com] Registered connection (Z2lkOi8vcm9vZnNlZWRzL1Byb2Zlc3Npb25uZWwvMQ)

这很奇怪，因为在两种情况下，当客户或专业人士为已记录：

This is very strange as in both case the session cookie shows a warden related id, either when Client or Professionel is logged :

["session_id", "0c3649a0e924de3fbf14dbb1cf2ce058"] ["flash", {"discard"=>[], "flashes"=>{"notice"=>"Connecté."}}] ["professionnel_return_to", "/"] ["warden.user.client.key", [[1], "$2a$12$auNvgciv6qPDf7n5a93vXu"]]

["session_id", "43a9b6db09311473419d7f22f2ce6419"] ["flash", {"discard"=>[], "flashes"=>{"notice"=>"Connecté."}}] ["warden.user.professionnel.key", [[1], "$2a$12$qZ4whbN3e2w7fn8NJWa/B."]] ["professionnel_return_to", "/"] ["_csrf_token", "sZA8gze5lxU6R71XUci0uQDXVk+d75VslI90ImcjwhA="] 

我不知道错误的来源..

I dont get where the error comes from ..

EDIT EDIT EDIT

只是在Devise初始化程序中找到了这段代码：

Just found this piece of code in Devise initializer :

  # Configure the default scope given to Warden. By default it's the first
  # devise role declared in your routes (usually :user).
  # config.default_scope = :user

Professionnel确实是我在我声明的第一个Devise角色路线。这和我的问题有关系吗？我该如何解决呢？

Professionnel is indeed my first Devise role declared in my routes. Does it has anything to do with my problem ? And How can I solve this ?

    devise_for :professionnels, controllers: {registrations: "professionnels/registrations", passwords: "professionnels/passwords", confirmations: "professionnels/confirmations"}
    devise_for :clients, controllers: {registrations: "clients/registrations", passwords: "clients/passwords", confirmations: "clients/confirmations"}
    devise_for :admins, controllers: {registrations: "admins/registrations", sessions: "admins/sessions"}

推荐答案

好，答案很简单：如果您有多个Devise帐户要验证到Actioncable中，则必须对每个帐户进行范围限定，在我的情况下，connection.rb看起来像：

Ok the answer is simple: if you have multiple Devise accounts to auth into Actioncable, you have to scope warden for each of them, in my case connection.rb looks like :

module ApplicationCable
  class Connection < ActionCable::Connection::Base
    identified_by :current_user

    def connect
        self.current_user = find_verified_user
        logger.add_tags 'ActionCable', current_user.email       
    end

    protected

    def find_verified_user
        if verified_user = env["warden"].user(:professionnel)
          verified_user
        elsif verified_user = env["warden"].user(:client)
          verified_user    
        else
          reject_unauthorized_connection
        end
    end


  end
end

在这种情况下，我给他们与聊天室相同的标识符是他们两个的孩子，所以我（我想）可以对待他们一样。我认为可以根据需要为他们提供不同的标识符。

In this case I give them the same identifier as the chatroom is a child of both of them so I ( guess I) can treat them the same. I think it is possible to give them different identifiers if needed.

这篇关于具有多个Devise模型的可操作电缆身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！