在通过 Devise 销毁会话时“无法找到具有 'id'=sign_out 的用户" [英] On destroying session via Devise "Couldn't find User with 'id'=sign_out"
本文介绍了在通过 Devise 销毁会话时“无法找到具有 'id'=sign_out 的用户"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在运行 Rails 5.1.2 和 Ruby 2.4.0.
我在 ApplicationController 中创建了一个名为 require_login 的方法,用于检查用户是否按顺序登录.当且仅当他们没有登录时,他们才会被转发到登录页面.
问题是当我注销它们时,出现以下错误
ActiveRecord::RecordNotFound at/users/sign_out找不到id"=sign_out 的用户罪魁祸首是:
def 显示@user = User.find(params[:id]) # 就在这里授权@user结尾来自我的 UserController.
这是我的代码:
应用控制器
class ApplicationController <动作控制器::基础保护_从_伪造与::异常before_action :configure_permitted_parameters, if: :devise_controller?包括权威人士受保护def configure_permitted_parametersdevise_parameter_sanitizer.permit(:sign_up, keys: [:name])devise_parameter_sanitizer.permit(:account_update, keys: [:name])结尾def require_login除非已登录?flash[:error] = "您必须登录才能访问此部分"redirect_to login_path # 停止请求周期结尾结尾结尾用户控制器
class UsersController <应用控制器before_action :require_login定义索引@users = User.all授权用户结尾高清秀@user = User.find(params[:id])授权@user结尾定义更新@user = User.find(params[:id])授权@user如果@user.update_attributes(secure_params)重定向到用户路径,:notice =>用户已更新."别的重定向到用户路径,:alert =>无法更新用户."结尾结尾销毁user = User.find(params[:id])授权用户用户销毁重定向到用户路径,:notice =>用户已删除."结尾私人的def secure_paramsparams.require(:user).permit(:role)结尾结尾我的layouts/topnav.html.erb,有人可以登出
<nav class="navbar navbar-static-top white-bg" role="navigation" style="margin-bottom: 0"><div class="navbar-header"><a class="navbar-minimalize minimum-styl-2 btn btn-primary " href="#"><i class="fa fa-bars"></i></a><form role="search" class="navbar-form-custom" method="post" action="/"><div class="form-group"><input type="text" placeholder="Search for something..." class="form-control" name="top-search" id="top-search"/></表单>
<ul class="nav navbar-top-links navbar-right"><li><%= link_to '退出', destroy_user_session_path, :method=>'delete' %></nav>
我的routes.rb
Rails.application.routes.draw 做根到:'访客#index'devise_for : 用户资源:用户获取主页/索引"得到家庭/未成年人"根到:'home#index'结尾还有 rake routes 输出以下内容:
前缀动词 URI 模式控制器#Action根 GET/访客#indexnew_user_session GET/users/sign_in(.:format) devise/sessions#newuser_session POST/users/sign_in(.:format) devise/sessions#createdestroy_user_session DELETE/users/sign_out(.:format) devise/sessions#destroynew_user_password GET/users/password/new(.:format) devise/passwords#newedit_user_password GET/users/password/edit(.:format) devise/passwords#edituser_password PATCH/users/password(.:format) devise/passwords#updatePUT/users/password(.:format) devise/passwords#updatePOST/users/password(.:format) devise/passwords#createcancel_user_registration GET/users/cancel(.:format) devise/registrations#cancelnew_user_registration GET/users/sign_up(.:format) devise/registrations#newedit_user_registration GET/users/edit(.:format) devise/registrations#edituser_registration PATCH/users(.:format) devise/registrations#updatePUT/users(.:format) devise/registrations#update删除/users(.:format) 设计/注册#destroyPOST/users(.:format) 设计/注册#createusers GET/users(.:format) users#indexPOST/users(.:format) users#createnew_user GET/users/new(.:format) users#newedit_user GET/users/:id/edit(.:format) users#edituser GET/users/:id(.:format) users#showPATCH/users/:id(.:format) users#updatePUT/users/:id(.:format) users#update删除/users/:id(.:format) users#destroypage GET/pages/*id high_voltage/pages#show如果某人未通过身份验证,我该怎么做才能将他们转发到登录页面,我该如何销毁他们的会话,以便在他们退出时正确转发到登录页面?
解决方案
resources :users 和 devise_for :users 冲突所以
试试下面的代码:
routes.rb
Rails.application.routes.draw 做根到:'访客#index'devise_for : 用户#resources :users//注释用户资源,因为它已经被devise_for使用或为用户使用了一些其他资源获取主页/索引"获得家庭/未成年人"根到:'home#index'结尾此外,在您的 config/initalizer/devise.rb 文件中
将 config.sign_out_via = :delete 更改为 config.sign_out_via = :get
I'm running Rails 5.1.2 and Ruby 2.4.0.
I've created a method in the ApplicationController called require_login that checks if the user is logged in order not. If and only if they aren't logged in, they are forwarded to the login page.
The problem is that when I sign them out, I get the following error
ActiveRecord::RecordNotFound at /users/sign_out
Couldn't find User with 'id'=sign_out
With the culprit line being:
def show
@user = User.find(params[:id]) # right here
authorize @user
end
from my UserController.
This is my code:
ApplicationController
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :configure_permitted_parameters, if: :devise_controller?
include Pundit
protected
def configure_permitted_parameters
devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
devise_parameter_sanitizer.permit(:account_update, keys: [:name])
end
def require_login
unless signed_in?
flash[:error] = "You must be logged in to access this section"
redirect_to login_path # halts request cycle
end
end
end
UsersController
class UsersController < ApplicationController
before_action :require_login
def index
@users = User.all
authorize User
end
def show
@user = User.find(params[:id])
authorize @user
end
def update
@user = User.find(params[:id])
authorize @user
if @user.update_attributes(secure_params)
redirect_to users_path, :notice => "User updated."
else
redirect_to users_path, :alert => "Unable to update user."
end
end
def destroy
user = User.find(params[:id])
authorize user
user.destroy
redirect_to users_path, :notice => "User deleted."
end
private
def secure_params
params.require(:user).permit(:role)
end
end
My layouts/topnav.html.erb where someone can sign out
<div class="row border-bottom">
<nav class="navbar navbar-static-top white-bg" role="navigation" style="margin-bottom: 0">
<div class="navbar-header">
<a class="navbar-minimalize minimalize-styl-2 btn btn-primary " href="#"><i class="fa fa-bars"></i> </a>
<form role="search" class="navbar-form-custom" method="post" action="/">
<div class="form-group">
<input type="text" placeholder="Search for something..." class="form-control" name="top-search" id="top-search" />
</div>
</form>
</div>
<ul class="nav navbar-top-links navbar-right">
<li>
<%= link_to 'Sign out', destroy_user_session_path, :method=>'delete' %>
</li>
</ul>
</nav>
</div>
My routes.rb
Rails.application.routes.draw do
root to: 'visitors#index'
devise_for :users
resources :users
get "home/index"
get "home/minor"
root to: 'home#index'
end
Also rake routes outputs the following:
Prefix Verb URI Pattern Controller#Action
root GET / visitors#index
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
new_user_password GET /users/password/new(.:format) devise/passwords#new
edit_user_password GET /users/password/edit(.:format) devise/passwords#edit
user_password PATCH /users/password(.:format) devise/passwords#update
PUT /users/password(.:format) devise/passwords#update
POST /users/password(.:format) devise/passwords#create
cancel_user_registration GET /users/cancel(.:format) devise/registrations#cancel
new_user_registration GET /users/sign_up(.:format) devise/registrations#new
edit_user_registration GET /users/edit(.:format) devise/registrations#edit
user_registration PATCH /users(.:format) devise/registrations#update
PUT /users(.:format) devise/registrations#update
DELETE /users(.:format) devise/registrations#destroy
POST /users(.:format) devise/registrations#create
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
page GET /pages/*id high_voltage/pages#show
What can I do in order for a person to get forwarded to the Login page if they are not authenticated and how can I probably destroy their session so that when they sign out they are properly forwarded to the login page?
解决方案
resources :users and devise_for :users are conflict so
try below code:
routes.rb
Rails.application.routes.draw do
root to: 'visitors#index'
devise_for :users
#resources :users //comment the users resources because its already used by devise_for or used some other resources for users
get "home/index"
get "home/minor"
root to: 'home#index'
end
Additionally, in your config/initalizer/devise.rb file
Change config.sign_out_via = :delete to config.sign_out_via = :get
这篇关于在通过 Devise 销毁会话时“无法找到具有 'id'=sign_out 的用户"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
