Rails Devise - current_user为零 [英] Rails Devise - current_user is nil
问题描述
由于某些原因,在我的无模型控制器(订阅)中)。我没有在互联网上找到任何证据来证明这种行为... current_user 返回 nil
For some reason, current_user returns nil in my model-less controller (Subscriptions). I have found nothing on the Internet to justify this behavior...
class SubscriptionsController < ApplicationController
def new
...
end
def create
current_user # returns nil
end
end
我有一个csrf元标记:
I have a csrf meta tag :
<meta content="xxx" name="csrf-token">
我可以提供更多的代码,但我不知道会有什么用。
I can provide more code, but I'm not sure what would be useful.
更新
所以感谢评论/答案,我已经将问题明确地指出了动作:创建。
So thanks to the comments/answers, I have pinpointed the problem to one particular action : create.
如果我添加 @user = current_user 到新的,我可以在我的新的视图中显示当前用户的电子邮件。但是,在我的创建控制器中, current_user 返回 nil 。
if I add @user = current_user to the new, I can show the current user's email in my new view. However, in my create controller, current_user returns nil.
我通过表单(提交)访问了创建操作。
I accessed the create action through a form (submit).
在提交表单之前,我验证输入,然后向Stripe发送请求以从表单中获取令牌。如果没有错误(验证和条纹),我然后发送表单。
Before the form is submitted, I validate the input and then send a request to Stripe to get a token out of the form. If there are no errors (validation and stripe), I then send the form.
可能是原因吗?
更新2
在我的错误消息中,我的会话转储是空,而它应该包含current_user info ...
In my error message, my session dump is empty, while it should contains the current_user info...
推荐答案
原来我所做的AJAX请求没有携带CSRF令牌。因此,Rails正在杀死我的会话。
It turned out the AJAX request I was making didn't carry the CSRF token. For that reason, Rails was killing my session.
我在
I added skip_before_filter :verify_authenticity_token in my SubscriptionsController and it is now working. It might not be the most secure solution, but it works for now, so I continue to develop and come back to this issue later.
这篇关于Rails Devise - current_user为零的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
