在通过Devise销毁会话时，“找不到具有'id'= sign_out的用户”； [英] On destroying session via Devise "Couldn't find User with 'id'=sign_out"

问题描述

我正在运行Rails 5.1.2和Ruby 2.4.0。

I'm running Rails 5.1.2 and Ruby 2.4.0.

我在ApplicationController中创建了一个名为 require_login 检查用户是否以未登录的身份登录。当且仅当它们未登录时，它们才会转发到登录页面。

I've created a method in the ApplicationController called require_login that checks if the user is logged in order not. If and only if they aren't logged in, they are forwarded to the login page.

问题是当我注销它们时，出现以下错误

The problem is that when I sign them out, I get the following error

ActiveRecord::RecordNotFound at /users/sign_out
Couldn't find User with 'id'=sign_out

罪魁祸首是：

def show
    @user = User.find(params[:id]) # right here
    authorize @user
end

来自我的UserController。

from my UserController.

这是我的代码：

ApplicationController

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
  before_action :configure_permitted_parameters, if: :devise_controller?
  include Pundit

  protected

  def configure_permitted_parameters
    devise_parameter_sanitizer.permit(:sign_up, keys: [:name])
    devise_parameter_sanitizer.permit(:account_update, keys: [:name])
  end

  def require_login
    unless signed_in?
      flash[:error] = "You must be logged in to access this section"
      redirect_to login_path # halts request cycle
    end
  end

end

UsersController

class UsersController < ApplicationController
  before_action :require_login

  def index
    @users = User.all
    authorize User
  end

  def show
    @user = User.find(params[:id])
    authorize @user
  end

  def update
    @user = User.find(params[:id])
    authorize @user
    if @user.update_attributes(secure_params)
      redirect_to users_path, :notice => "User updated."
    else
      redirect_to users_path, :alert => "Unable to update user."
    end
  end

  def destroy
    user = User.find(params[:id])
    authorize user
    user.destroy
    redirect_to users_path, :notice => "User deleted."
  end

  private

  def secure_params
    params.require(:user).permit(:role)
  end

end

我的 layouts / topnav.html.erb 其中有人可以退出

<div class="row border-bottom">
    <nav class="navbar navbar-static-top white-bg" role="navigation" style="margin-bottom: 0">
        <div class="navbar-header">
            <a class="navbar-minimalize minimalize-styl-2 btn btn-primary " href="#"><i class="fa fa-bars"></i> </a>
            <form role="search" class="navbar-form-custom" method="post" action="/">
                <div class="form-group">
                    <input type="text" placeholder="Search for something..." class="form-control" name="top-search" id="top-search" />
                </div>
            </form>
        </div>
        <ul class="nav navbar-top-links navbar-right">
            <li>
                <%= link_to 'Sign out', destroy_user_session_path, :method=>'delete' %>
            </li>
        </ul>
    </nav>
</div>

我的 routes.rb

Rails.application.routes.draw do
  root to: 'visitors#index'
  devise_for :users
  resources :users


  get "home/index"
  get "home/minor"
  root to: 'home#index'

end

也耙路输出以下内容：

                  Prefix Verb   URI Pattern                    Controller#Action
                    root GET    /                              visitors#index
        new_user_session GET    /users/sign_in(.:format)       devise/sessions#new
            user_session POST   /users/sign_in(.:format)       devise/sessions#create
    destroy_user_session DELETE /users/sign_out(.:format)      devise/sessions#destroy
       new_user_password GET    /users/password/new(.:format)  devise/passwords#new
      edit_user_password GET    /users/password/edit(.:format) devise/passwords#edit
           user_password PATCH  /users/password(.:format)      devise/passwords#update
                         PUT    /users/password(.:format)      devise/passwords#update
                         POST   /users/password(.:format)      devise/passwords#create
cancel_user_registration GET    /users/cancel(.:format)        devise/registrations#cancel
   new_user_registration GET    /users/sign_up(.:format)       devise/registrations#new
  edit_user_registration GET    /users/edit(.:format)          devise/registrations#edit
       user_registration PATCH  /users(.:format)               devise/registrations#update
                         PUT    /users(.:format)               devise/registrations#update
                         DELETE /users(.:format)               devise/registrations#destroy
                         POST   /users(.:format)               devise/registrations#create
                   users GET    /users(.:format)               users#index
                         POST   /users(.:format)               users#create
                new_user GET    /users/new(.:format)           users#new
               edit_user GET    /users/:id/edit(.:format)      users#edit
                    user GET    /users/:id(.:format)           users#show
                         PATCH  /users/:id(.:format)           users#update
                         PUT    /users/:id(.:format)           users#update
                         DELETE /users/:id(.:format)           users#destroy
                    page GET    /pages/*id                     high_voltage/pages#show

我该怎么做才能使一个人转发到登录页面如果未通过身份验证，我怎么可能破坏它们的会话，以便在注销时将它们正确转发到登录页面？

What can I do in order for a person to get forwarded to the Login page if they are not authenticated and how can I probably destroy their session so that when they sign out they are properly forwarded to the login page?

推荐答案

resources：users 和 devise_for：users 是冲突的，所以

尝试以下代码：

Rails.application.routes.draw do
  root to: 'visitors#index'
  devise_for :users
  #resources :users //comment the users resources because its already used by devise_for or used some other resources for users


  get "home/index"
  get "home/minor"
  root to: 'home#index'

end

另外，在您的 config / initalizer / devise.rb 文件

更改 config.sign_out_via =：删除到 config.sign_out_via =：get

这篇关于在通过Devise销毁会话时，“找不到具有'id'= sign_out的用户”；的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！