为什么即使设置了allow_unconfirmed_access_for，Devise 也不允许未经确认的用户登录? [英] Why won't Devise allow unconfirmed users to login even when allow_unconfirmed_access_for is set?

问题描述

我们已有用户群，并且正在添加电子邮件确认.确认是可选的，但将允许附加功能.用户无需确认.我已经添加了可确认模块并运行了迁移.确认如宣传的那样工作.

We have an existing user base and are adding email confirmation. Confirmation is optional, but will allow additional features. Users are not required to confirm. I've added the confirmable module and ran migrations. Confirmation works as advertised.

但是，用户无法登录，因为他们没有得到确认.所有当前用户的确认值为零，这正是我们想要的(用户可以随时返回并确认他们的电子邮件).我已经关注了所有 Devise wiki 文章并在初始化程序中设置了 allow_unconfirmed_access_for :

But, users cannot login since they are not confirmed. All current users have nil confirmation values, which is what we want (users can go back and confirm their email at any time). I've followed all the Devise wiki articles and set allow_unconfirmed_access_for in the initializer:

config.allow_unconfirmed_access_for = 10.years 

我也尝试在我们的用户模型中设置它:

I've also tried setting it in our user model as well:

devise :confirmable, allow_unconfirmed_access_for: 10.years

我也尝试过使用其他值(1.year、500.days 等)

I've also tried using other values (1.year, 500.days, etc.)

我的 SessionsController，它与 Devise 的方法没有太大区别(这里在 github)

My SessionsController, which does not differ much from Devise's method (here on github)

class Users::SessionsController < Devise::SessionsController
  respond_to :json

  def new
    redirect_to "/#login"
  end

  def create
    resource = warden.authenticate(auth_options)
    if !resource
      render json: {error: "Invalid email or password" }, status: 401 and return
    end

    sign_in(resource_name, resource)
    render "sign_in", formats: [:json], locals: { object: resource }
  end
end

设计的回应:

{"error":"您必须先确认您的帐户，然后才能继续."}

{"error":"You have to confirm your account before continuing."}

使用 Rails 3.2.9 设计 2.1.2.

Devise 2.1.2 with Rails 3.2.9.

推荐答案

Devise 团队发布了一个版本 (2.2.4)，支持将 nil 作为 allow_unconfirmed_access_for 的有效值，这意味着没有限制.问题:https://github.com/plataformatec/devise/issues/2275

The Devise team have released a version (2.2.4) that supports nil as a valid value for allow_unconfirmed_access_for, meaning no limit. Issue: https://github.com/plataformatec/devise/issues/2275

您现在可以:

config.allow_unconfirmed_access_for = nil 

这篇关于为什么即使设置了allow_unconfirmed_access_for，Devise 也不允许未经确认的用户登录?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！