在我的Rails 4应用程序中我试图验证一个有效的用户,但是在以下重定向之后,会话被重置并且由于该空的结果。
auth
操作非常简单
def auth
logger.info "CALLING AUTH METHOD"
user = User.auth(params[:user][:username], params[:user][:password])
logger.info "USER: #{user.inspect}"
if user
logger.info "AUTH SUCCESSFULL"
session[:current_user_id] = user.id
logger.info "SET USER ID: #{session[:user_id]}"
redirect_to "/"
else
logger.info "AUTH FAILED"
redirect_to "/users/login"
end
end
日志条目看起来像是成功登录:
Started POST "/users/auth" for 127.0.0.1 at 2015-07-21 10:49:38 +0200
Processing by UsersController#auth as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"wvc9GxeKprFPvZX0MqdtDQi0j+Yi3RZk92IeKGMhFyD/WeMzefVwPyNfnyadhs1qFBI4wupi6YQm5B+Lh1ZJqA==", "user"=>{"username"=>"User", "password"=>"[FILTERED]"}, "commit"=>"Anmelden"}
CALLING AUTH METHOD
User Load (0.2ms) SELECT `users`.* FROM `users` WHERE `users`.`name` = 'User' LIMIT 1
USER: #<User id: 2, name: "User", password_encrypted: "21553e1e2823d5cb5fc1ed4633146edfb13e1565447026c2b6...", password_salt: "\\]=WA2ZIW^bOH]==@[`;JM?KMF``8M7K", role: "PARTICIPANT", loginable_type: "Laboratory", loginable_id: 3, created_at: "2015-07-20 13:51:50", updated_at: "2015-07-20 13:51:55">
AUTH SUCCESSFULL
SET USER ID: 2
Redirected to http://localhost:3000/
Completed 302 Found in 212ms (ActiveRecord: 184.5ms)
但在此之后会话重置。但是authenticity_token
存在。我还尝试通过向控制器添加skip_before_filter :verify_authenticity_token
来跳过令牌验证,但它没有帮助。