Rails在登录后重置会话

时间:2015-07-21 08:54:04

标签: ruby-on-rails session ruby-on-rails-4 authentication

在我的Rails 4应用程序中我试图验证一个有效的用户,但是在以下重定向之后,会话被重置并且由于该空的结果。

auth操作非常简单

  def auth
    logger.info "CALLING AUTH METHOD"
    user = User.auth(params[:user][:username], params[:user][:password])
    logger.info "USER: #{user.inspect}"
    if user
      logger.info "AUTH SUCCESSFULL"
      session[:current_user_id] = user.id
      logger.info "SET USER ID: #{session[:user_id]}"
      redirect_to "/"
    else
      logger.info "AUTH FAILED"
      redirect_to "/users/login"
    end
  end

日志条目看起来像是成功登录:

Started POST "/users/auth" for 127.0.0.1 at 2015-07-21 10:49:38 +0200
Processing by UsersController#auth as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"wvc9GxeKprFPvZX0MqdtDQi0j+Yi3RZk92IeKGMhFyD/WeMzefVwPyNfnyadhs1qFBI4wupi6YQm5B+Lh1ZJqA==", "user"=>{"username"=>"User", "password"=>"[FILTERED]"}, "commit"=>"Anmelden"}
CALLING AUTH METHOD
  User Load (0.2ms)  SELECT  `users`.* FROM `users` WHERE `users`.`name` = 'User' LIMIT 1
USER: #<User id: 2, name: "User", password_encrypted: "21553e1e2823d5cb5fc1ed4633146edfb13e1565447026c2b6...", password_salt: "\\]=WA2ZIW^bOH]==@[`;JM?KMF``8M7K", role: "PARTICIPANT", loginable_type: "Laboratory", loginable_id: 3, created_at: "2015-07-20 13:51:50", updated_at: "2015-07-20 13:51:55">
AUTH SUCCESSFULL
SET USER ID: 2
Redirected to http://localhost:3000/
Completed 302 Found in 212ms (ActiveRecord: 184.5ms)

但在此之后会话重置。但是authenticity_token存在。我还尝试通过向控制器添加skip_before_filter :verify_authenticity_token来跳过令牌验证,但它没有帮助。

0 个答案:

没有答案