【Question title】: What's missing in oauth resources doorkeeper?
【Posted】: 2019-01-22 02:51:44
【Question】:

I have use_doorkeeper in my routes file. When I visit http://localhost:3021/oauth/applications, I get:

Access to localhost was denied You don't have authorization to view this page.
HTTP ERROR 403

I also can't create a new client at http://localhost:3021/oauth/applications/new.

What is missing?

This is my routes file

Rails.application.routes.draw do

  use_doorkeeper

end

This is my doorkeeper initializer

Doorkeeper.configure do
  # Change the ORM that doorkeeper will use (needs plugins)
  orm :active_record

  # This block will be called to check whether the resource owner is authenticated or not.
  resource_owner_authenticator do
    #raise "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
    # Put your resource owner authentication logic here.
    # Example implementation:
    User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
    #current_user || User.authenticate!(:scope => :user)

  end
end

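【Comments】:

  • Did you set up the proper authorization as instructed in the README?
  • Please provide the routes file in question and also the doorkeeper.rb file
  • @kasperite Yes, I followed the basic steps in the README. Those are the files. I don't know why I can't see the provider form

Tags: ruby-on-rails doorkeeper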


【Solution 1】:

Check your log output in the console. If you see the following lines, then the problem is probably in your doorkeeper.rb

Access to admin panel is forbidden due to Doorkeeper.configure.admin_authenticator being unconfigured.
Filter chain halted as :authenticate_admin! rendered or redirected
Completed 403 Forbidden in 2ms (ActiveRecord: 0.0ms)

You have to uncomment this section:

  # admin_authenticator do
  #   # Put your admin authentication logic here.
  #   # Example implementation:
  #
  #   if current_user
  #     head :forbidden unless current_user.admin?
  #   else
  #     redirect_to sign_in_url
  #   end
  # end

If you don't have an admin role set up, remove head :forbidden unless current_user.admin?

And possibly change the redirect URL
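
The outcomes of the admin_authenticator block discussed above, as an added example that is not part of the original answer or Doorkeeper's own code. FakeController, User and the sign-in path are constructed stand-ins for the Rails controller and app helpers, and evaluating the block with instance_exec is an assumption about how it runs in controller context. With the admin check removed, every signed-in user reaches the OAuth applications pages.

```ruby
# Added example. ADMIN_AUTHENTICATOR holds the body you would put inside
# `admin_authenticator do ... end` in Doorkeeper.configure.
# User, FakeController and "/users/sign_in" are constructed stand-ins
# (assumptions); current_user and sign_in_url come from your own app.
User = Struct.new(:name, :admin) do
  def admin?; admin; end
end

class FakeController
  attr_reader :current_user, :outcome

  def initialize(current_user)
    @current_user = current_user
    @outcome = :allowed # nothing rendered or redirected: request proceeds
  end

  def head(status)
    @outcome = status
  end

  def redirect_to(url)
    @outcome = [:redirect, url]
  end

  def sign_in_url
    "/users/sign_in" # constructed placeholder path
  end
end

# Authenticator with the admin check kept.
ADMIN_AUTHENTICATOR = proc do
  if current_user
    head :forbidden unless current_user.admin?
  else
    redirect_to sign_in_url
  end
end

# Same block with the admin check removed (app without an admin role).
LOGIN_ONLY_AUTHENTICATOR = proc do
  redirect_to sign_in_url unless current_user
end

# Run a block in the controller's context and report what it did.
def panel_outcome(authenticator, user)
  controller = FakeController.new(user)
  controller.instance_exec(&authenticator)
  controller.outcome
end
```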
