使用 Devise after_sign_in_path_for 重定向循环 [英] Redirect loop with Devise after_sign_in_path_for
问题描述
我遇到了一些菜鸟问题.我想让设计重定向到用户访问的最后一页.所以我做了以下...
I'm having a bit of a noob issue. I wanted to get devise to redirect to the last page the user visited. So I did the following...
def after_sign_in_path_for(resource)
request.referer
end
效果很好...除非用户实际上是通过导致重定向循环的原始表单登录.
Works great...except if the user is actually logging in through the original form which causes a redirect loop.
我试过了
def after_sign_in_path_for(resource)
if (request.referer == "/users/sign_in")
:pages_home
else
request.referer
end
end
但这不起作用,很可能是因为我不知道 request.referer 在遇到原始用户登录页面 (www.example.com/users/sign_in) 时实际上返回了什么.
But thats not working, most likely because I have no idea what request.referer is actually returning when it encounters the original user login page (www.example.com/users/sign_in).
有什么想法吗?
tldr;使用devise,我想重定向到从(即/blog/4)登录的页面,除非页面是/users/sign_in
tldr; Using devise, I want to redirect to the page logged in from (i.e /blog/4) unless the page is /users/sign_in
已解决:
Matchu 是对的.request.referer 也在返回域...
Matchu was right. The request.referer was returning the domain as well...
http://example.com/users/sign_in
(注意:没有 www 前缀)
(note: no www prefix)
我仍然对 request.referer 的替代方法感兴趣,如果它不安全或效率低下.
I'm still interested in an alternative to request.referer if its an insecure or inefficient way.
推荐答案
不要重定向到推荐人 - 这通常是一个坏主意.
Don't redirect to referrers - it's generally a bad idea.
相反,在查询字符串或表单数据中传递一个 next
值.也许使用类似的东西:
Instead, pass a next
value across in the query-string or form-data. Perhaps use something like:
def after_sign_in_path_for(resource)
params[:next] || super
end
当用户尝试访问需要身份验证的页面(例如,/admin/posts/3/edit
)时,身份验证 before_filter
会发出 redirect_to new_session_url(:next => request.path)
.然后编写登录操作和视图以保留 :next
查询字符串参数.
When a user tries to visit a page requiring authentication (e.g., /admin/posts/3/edit
) the authentication before_filter
issues a redirect_to new_session_url(:next => request.path)
. Then code up the login action and view to preserve the :next
query-string parameter.
这篇关于使用 Devise after_sign_in_path_for 重定向循环的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!