当前位置 : 主页 > 编程语言 > ruby >

ruby-on-rails-4 – DeviseTokenAuth控制器的强参数覆盖

来源:互联网 收集:自由互联 发布时间:2021-06-23
我在Rails 4.2上使用 devise-token-auth gem,并且我在User模型中添加了一个字段昵称.我试图通过覆盖gem控制器来实现这一点 class Users::RegistrationsController DeviseTokenAuth::RegistrationsController before_fil
我在Rails 4.2上使用 devise-token-auth gem,并且我在User模型中添加了一个字段昵称.我试图通过覆盖gem控制器来实现这一点 

class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController

  before_filter :configure_permitted_parameters

  def update
    #this line never shows in the logs
    Rails.logger.info "I never get to run!!"
    super
  end

  protected

  # my new custom field is :nickname
  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:sign_up) do |u|
      u.permit(:name, :nickname,
        :email, :password, :password_confirmation)
    end
    devise_parameter_sanitizer.for(:account_update) do |u|
      u.permit(:name,
        :email, :password, :password_confirmation, :nickname)
    end
  end
end

路由配置如下:

Rails.application.routes.draw do
    namespace :api, constraints: { format: 'json' } do
        mount_devise_token_auth_for 'User', at: 'auth', controllers: {
          registrations:  'users/registrations'
        }
    end
  end

他们似乎是对的:

PATCH  /api/auth(.:format)                    users/registrations#update {:format=>"json"}
PUT    /api/auth(.:format)                    users/registrations#update {:format=>"json"}

然后我尝试从curl调用更新

curl -X PUT --dump-header headers_update -H "Access-Token: 2FHhLQFtIgDfSqsTaaCH_g" -H "Uid: sample5@example.com" -H "Client: -RUtwnCfgqvqwDjYPtajQA" -H "Token-Type: Bearer" -H "Expiry: 1447713314" http://api.local.dev:3000/api/auth -d "{ \"nickname\":\"somestuff\"}"

但更新调用永远不会运行.这是在请求后显示服务器的内容:

I, [2015-11-02T18:05:38.131091 #7940]  INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.131222 #7940]  INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.147209 #7940]  INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147383 #7940]  INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147490 #7940]  INFO -- :   Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
I, [2015-11-02T18:05:38.147571 #7940]  INFO -- :   Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
D, [2015-11-02T18:05:38.152778 #7940] DEBUG -- :   User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1  [["uid", "sample5@example.com"]]
D, [2015-11-02T18:05:38.152934 #7940] DEBUG -- :   User Load (0.7ms)  SELECT  "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1  [["uid", "sample5@example.com"]]
D, [2015-11-02T18:05:38.224790 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
D, [2015-11-02T18:05:38.225023 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
I, [2015-11-02T18:05:38.237415 #7940]  INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237565 #7940]  INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237741 #7940]  INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)
I, [2015-11-02T18:05:38.237860 #7940]  INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)

而json对curl的回复是:

{"status":"error","errors":["Please submit proper account update data in request"]}

作为参考,这是我的Gemfile

source 'https://rubygems.org'


gem 'rails', '4.2.1'

gem 'rails-api'

gem 'pg'
gem 'activerecord-postgis-adapter'
gem 'rgeo'
gem 'devise'
gem 'devise_token_auth', ">= 0.1.32.beta9" # Token based authentication for Rails JSON APIs
gem 'omniauth' # required for devise_token_auth

group :development, :test do
    gem 'pry-byebug', '=1.3.3'
    gem 'pry-stack_explorer'
    gem 'pry-rails'
    gem 'pry-remote'

  # Access an IRB console on exception pages or by using <%= console %> in views
  gem 'web-console', '~> 2.0'

  # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
  gem 'spring'

  gem "rspec-rails", "~> 3.3"
end

group :test do

  #gem "shoulda-matchers"
  gem "factory_girl_rails"
  gem 'ffaker'
end
它对我有用.

>从devise-token-auth gem中提取RegistrationsController
>创建app / controllers / users / registrations_controller.rb:

.

class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController

end

并粘贴p.1中的内容

>添加到控制器的末尾:

.

def sign_up_params              
   params.require(:registration).permit(:name, :nick, :email, :password, :password_confirmation)

end

>像你一样配置路由

更新:

对第3步的更改适用于devise_token_auth v0.1.39:

  def sign_up_params    permit(:name,:email,:password,:password_confirmation)  结束

上一篇:ruby – 合并两个哈希的时间复杂度
下一篇:ruby-on-rails – Ruby on Rails:如何使用link_to添加“aria-hidden =’true’”
网友评论
相关栏目
最近更新
热门文章