我正在尝试创建一个登录&使用会话注销功能。
当我尝试登录时,它没有返回任何错误,但它没有重定向到根网址或显示来自application.html.erb的注销链接。
我对会话控制器的配置:
class SessionsController < ApplicationController
def new
end
def create
user=User.authenticate(params[:email],params[:password])
if user
session[:user_id]=user.id
redirect_to root_url, notice: 'Logged In'
else
flash.now.alert="authentication failed"
end
end
def destroy
session[:user_id]=nil
redirect_to 'log_in'
end
end
节/ new.html.erb:
<h4><strong>Log in</strong></h4>
<%= form_tag sessions_path do %>
<div class="control-group">
<%= label_tag :email %>
<div class="controls">
<%= text_field_tag :email,params[:email]%><br /><br />
</div>
</div>
<div class="control-group">
<%= label_tag :password %>
<div class="controls">
<%= password_field_tag :password,class: 'form-control' %><br />
</div>
</div>
<div>
<p class="button"><%= submit_tag %></p>
</div>
<%end%>
用户模型:
class User < ActiveRecord::Base
attr_accessor :password
before_save :encrypt_password
has_many :posts
has_many :profiles
has_many :images
validates_presence_of :password
def self.authenticate(email,password)
user=find_by_email(email)
if user &&user.password_hash == BCrypt::Engine.hash_secret(password,user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt=BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password,password_salt)
end
end
end
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
helper_method :current_user
def current_user
@current_user ||= User.find(session[:user_id]) if session[:user_id]
end
end
的routes.rb
Rails.application.routes.draw do
get 'log_in'=>'sessions#new', as: 'log_in'
get 'sign_up'=>'users#new', as: 'sign_up'
root to:'users#new'
resources :users
resources :profiles
resources :posts
resources :images
resources :sessions
end
答案 0 :(得分:0)
伙计们找到了解决办法。
在User.rb中,我们有一个authenticate方法,该方法根据“USER”电子邮件地址和密码进行身份验证。 user = find_by_email(email)应该是 用户= User.find_by_email(电子邮件)。