设计authenticate_user！进行远程操作时中断:对非设计控制器操作的真实请求 [英] Devise authenticate_user! breaks when making remote: true requests to a non-devise controller action

问题描述

我在remote: true选项上的Devise'before_action :authenticate_user!过滤器遇到问题.

I am having an issue with Devise' before_action :authenticate_user! filter on remote: true option.

我有一个链接标记，可以向下面的MessagesController的messages#read发出正常的PUT请求

I have a link tag which makes a normal PUT request to messages#read of my MessagesController below

<%= link_to 'Mark Read/Unread', read_message_path(message), method: :put %>

class MessagesController < ApplicationController
  before_action :authenticate_user!, only: :read
  before_action :set_message, only: :read
  ...
  #http PUT
  def read
    @message.toggle!(:read)
    respond_to do |format|
      format.html { redirect_to messages_url, notice: 'Message was successfully destroyed.' }
      format.json { head :no_content }
    end
  end 
  ...
end 

如果用户未登录，它将作为预期的Devise行为重定向到登录页面.

If the user is not signed in, it redirects to the sign in page as the expected Devise behavior.

但是在链接上设置 remote: true 选项时，例如

However when setting the remote: true option on the link e.g.

<%= link_to 'Mark Read/Unread', read_message_path(message), method: :put, remote: true %>

Devise因错误而中断:PUT http://localhost:3000/users/sign_in.js 404 (Not Found)

Devise breaks with error: PUT http://localhost:3000/users/sign_in.js 404 (Not Found)

我的日志输出401 Unauthorized后跟

ActionController::RoutingError (No route matches [PUT] "/users/sign_in.js")

问题是Rails试图通过PUT渲染/users/sign_in.js，该PUT不存在并且不应该.这就是让我绊倒的原因，并且使我感到困惑，因为我希望重定向到设计/users/sign_in html页面，而Rails却尝试呈现扩展名为.js的sign_in页面.

The problem is Rails tries to render /users/sign_in.js via PUT which does not exist and shouldn't. This is what trips me off and confuses me becasue I would exptect to be redirected to devise /users/sign_in html page and instead Rails tries to render a sign_in page with .js extension.

我尝试将config/initializers/devise.rb行设置为

config.http_authenticatable_on_xhr = false

config.navigational_formats = ['*/*', :html, :js]，如此处所述.

我正在使用具有默认设置的Devise.没有特殊的路线或控制器.

I am using Devise with its default settings. No special routes nor controllers.

我在这里想念什么?我是否会误解Devise的工作方式?

What am I missing here? am I misunderstading the way Devise is supposed to work?

是否可以覆盖authenticate_user!以便在xhr请求上重定向到设备的默认sign_in html页面?

Is there away to override authenticate_user! to redirect to devise' default sign_in html page on xhr requests?

推荐答案

在执行jquery ajax调用时，我遇到了类似的问题. 奇怪的是，它正在使用button_to远程调用.

I had a similar problem while doing a jquery ajax call. The strange thing is it was working with a button_to remote call.

我的解决方案是将方法更改为POST，并将预期响应类型更改为script:

My solution was to change the method to POST and expected response type to script:

  $.ajax({
          url: myurl,
          type: 'POST',
          data: {myvar: myval},
          dataType: 'script',

这篇关于设计authenticate_user！进行远程操作时中断:对非设计控制器操作的真实请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！