Rails Devise - current_user为零 [英] Rails Devise - current_user is nil
问题描述
由于某些原因,在我的无模型控制器(订阅)中
)。我没有在互联网上找到任何证据来证明这种行为... current_user
返回 nil
For some reason, current_user
returns nil
in my model-less controller (Subscriptions
). I have found nothing on the Internet to justify this behavior...
class SubscriptionsController < ApplicationController
def new
...
end
def create
current_user # returns nil
end
end
我有一个csrf元标记:
I have a csrf meta tag :
<meta content="xxx" name="csrf-token">
我可以提供更多的代码,但我不知道会有什么用。
I can provide more code, but I'm not sure what would be useful.
更新
所以感谢评论/答案,我已经将问题明确地指出了动作:创建
。
So thanks to the comments/answers, I have pinpointed the problem to one particular action : create
.
如果我添加 @user = current_user
到新的
,我可以在我的新的
视图中显示当前用户的电子邮件。但是,在我的创建
控制器中, current_user
返回 nil
。
if I add @user = current_user
to the new
, I can show the current user's email in my new
view. However, in my create
controller, current_user
returns nil
.
我通过表单(提交)访问了创建
操作。
I accessed the create
action through a form (submit).
在提交表单之前,我验证输入,然后向Stripe发送请求以从表单中获取令牌。如果没有错误(验证和条纹),我然后发送表单。
Before the form is submitted, I validate the input and then send a request to Stripe to get a token out of the form. If there are no errors (validation and stripe), I then send the form.
可能是原因吗?
更新2
在我的错误消息中,我的会话转储是空,而它应该包含current_user info ...
In my error message, my session dump is empty, while it should contains the current_user info...
推荐答案
原来我所做的AJAX请求没有携带CSRF令牌。因此,Rails正在杀死我的会话。
It turned out the AJAX request I was making didn't carry the CSRF token. For that reason, Rails was killing my session.
我在 skip_before_filter:verify_authenticity_token
> SubscriptionsController ,它现在正在工作。它可能不是最安全的解决方案,但它现在适用,所以我稍后继续开发并回到这个问题。
I added skip_before_filter :verify_authenticity_token
in my SubscriptionsController
and it is now working. It might not be the most secure solution, but it works for now, so I continue to develop and come back to this issue later.
这篇关于Rails Devise - current_user为零的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!