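【Question title】: rails devise 401 unauthorized for a specific page
【Posted】: 2013-04-25 18:46:50
【Question description】:

I can't figure out why my app is returning 401 Unauthorized. Other actions in my institutions controller work fine when not logged in. However, this page and one other page return 401. When logged in, these pages work fine, but they do not need a login. I have even gone as far as emptying the view and the action, but the page still returns 401. When debugging through Fiddler, I just get a 302 redirect.

I tried researching elsewhere and tried the solution from "Warden authentication recalls 401 Unauthorized", but without success.

Console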

Started GET "/institutions/3" for 127.0.0.1 at 2013-04-25 14:38:15 -0400
Processing by InstitutionsController#show as HTML
  Parameters: {"id"=>"3"}
  Institution Load (0.0ms)  SELECT `institutions`.* FROM `institutions` WHERE `institutions`.`id` = 3 LIMIT 1

Load data...
Load assets...

Then I submit the form, with the method set to GET

Started GET "/visit/schedule/preview?utf8=%E2%9C%93&selected_ids=4693" for 127.0.0.1 at 2013-04-25 14:28:53 -0400
Processing by InstitutionsController#previewselectedvisits as HTML
  Parameters: {"utf8"=>"√", "selected_ids"=>"4693"}
Completed 401 Unauthorized in 0ms

Started GET "/users/sign_in" for 127.0.0.1 at 2013-04-25 14:28:53 -0400
Processing by Devise::SessionsController#new as HTML
  Rendered devise/sessions/new.html.erb within layouts/application (15.6ms)
  Rendered auth/_login.html.erb (0.0ms)
  Rendered auth/_loginmodal.html.erb (0.0ms)
  Rendered shared/_navbarout.html.erb (0.0ms)
  Rendered shared/_navbar.html.erb (0.0ms)
  Institution Load (0.0ms)  SELECT name FROM `institutions`
  Rendered search/_searchbar.html.erb (0.0ms)
  Rendered search/_searchresults.html.erb (0.0ms)
  Rendered shared/_footer.html.erb (0.0ms)
Completed 200 OK in 140ms (Views: 46.8ms | ActiveRecord: 15.6ms)

Load assets...

Relevant routes

devise_for :users
match 'visit/schedule/preview' => 'institutions#previewselectedvisits', :as => :preview_visits, :via => :get
match "institutions/:id" => "institutions#show", :as => :show_institution

rake routes

    new_user_session GET    /users/sign_in(.:format)                             devise/sessions#new
              user_session POST   /users/sign_in(.:format)                             devise/sessions#create
      destroy_user_session DELETE /users/sign_out(.:format)                            devise/sessions#destroy
             user_password POST   /users/password(.:format)                            devise/passwords#create
         new_user_password GET    /users/password/new(.:format)                        devise/passwords#new
        edit_user_password GET    /users/password/edit(.:format)                       devise/passwords#edit
                           PUT    /users/password(.:format)                            devise/passwords#update
  cancel_user_registration GET    /users/cancel(.:format)                              devise_invitable/registrations#cancel
         user_registration POST   /users(.:format)                                     devise_invitable/registrations#create
     new_user_registration GET    /users/sign_up(.:format)                             devise_invitable/registrations#new
    edit_user_registration GET    /users/edit(.:format)                                devise_invitable/registrations#edit
                           PUT    /users(.:format)                                     devise_invitable/registrations#update
                           DELETE /users(.:format)                                     devise_invitable/registrations#destroy
         user_confirmation POST   /users/confirmation(.:format)                        devise/confirmations#create
     new_user_confirmation GET    /users/confirmation/new(.:format)                    devise/confirmations#new
                           GET    /users/confirmation(.:format)                        devise/confirmations#show
               user_unlock POST   /users/unlock(.:format)                              devise/unlocks#create
           new_user_unlock GET    /users/unlock/new(.:format)                          devise/unlocks#new
                           GET    /users/unlock(.:format)                              devise/unlocks#show
    accept_user_invitation GET    /users/invitation/accept(.:format)                   devise/invitations#edit
    remove_user_invitation GET    /users/invitation/remove(.:format)                   devise/invitations#destroy
           user_invitation POST   /users/invitation(.:format)                          devise/invitations#create
       new_user_invitation GET    /users/invitation/new(.:format)                      devise/invitations#new
                           PUT    /users/invitation(.:format)                          devise/invitations#update
            preview_visits GET    /visit/schedule/preview(.:format)                    institutions#previewselectedvisits
          show_institution        /institutions/:id(.:format)                          institutions#show
          vote_institution        /institutions/:id/vote/:visittype_id(.:format)       institutions#vote
                                  /institutions/:id/:offset(.:format)                  institutions#show
              institutions        /institutions(.:format)                              institutions#index
           schedule_visits        /schedule(.:format)                                  institutions#index
              auth_failure        /auth/failure(.:format)                              services#failure
                                  /auth/:service/:callback(.:format)                   services#create
                  services GET    /services(.:format)                                  services#index
                           POST   /services(.:format)                                  services#create
                   service DELETE /services/:id(.:format)                              services#destroy
                login_user        /users/login(.:format)                               users#login
             myvisits_user        /users/myvisits(.:format)                            users#myvisits
       email_myvisits_user        /users/myvisits/email(.:format)                      users#emailmyvisits
    remove_visit_from_user        /users/removevisit/:id/:user_id(.:format)            users#rmvisit
            addvisits_user        /users/addvisits(.:format)                           users#addvisits
          changevisit_user        /users/visits/:user_id/:visit_id/:is_going(.:format) users#toggle_user_going_on_visit
        add_family_to_user        /users/invite(.:format)                              users#addfamilymember
add_family_default_to_user        /users/profile/addfamilymemberdefault(.:format)      users#addfamilymember_default
   remove_family_from_user        /users/profile/removefamilymember(.:format)          users#rmfamilymember
       update_profile_user        /users/profile/update(.:format)                      users#update
 update_profile_other_user        /users/profile/update/:id(.:format)                  users#update
         edit_profile_user        /users/profile/edit(.:format)                        users#edit
         show_profile_user        /users/profile(.:format)                             users#show
                     users        /users(.:format)                                     users#show
                  families GET    /families(.:format)                                  families#index
                           POST   /families(.:format)                                  families#create
                new_family GET    /families/new(.:format)                              families#new
               edit_family GET    /families/:id/edit(.:format)                         families#edit
                    family GET    /families/:id(.:format)                              families#show
                           PUT    /families/:id(.:format)                              families#update
                           DELETE /families/:id(.:format)                              families#destroy
                    visits        /visits(.:format)                                    visits#index
                   company        /company(.:format)                                   company#aboutus
                       edu        /edu(.:format)                                       edu#index
                      root        /                                                    institutions#index

Gemfile

source 'https://rubygems.org'
gem 'rails', '3.2.12'
gem 'mysql2'
gem 'execjs'
group :assets do
  gem 'sass-rails',   '~> 3.2.3'
  gem 'coffee-rails', '~> 3.2.1'
  gem 'uglifier', '>= 1.0.3'
end

gem 'jquery-rails'
gem 'simple_form'

gem 'devise'
gem 'devise_invitable'
gem 'omniauth'
gem "omniauth-google-oauth2"
gem 'omniauth-linkedin-oauth2'
gem 'omniauth-facebook'

#in-place editing
gem 'best_in_place'

#email template convert to inline
gem 'roadie'

#amazon web services and images
gem 'paperclip'
gem 'aws-sdk'

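【Comments】:

  • Can you list which gems are in your Gemfile? Authorization is usually done through a separate gem, independent of authentication.
  • Thanks @Tilo, Gemfile added
  • Looks like authorization is implemented by hand in your app
  • Check the code of your InstitutionsController and ApplicationController -- look for statements with current_user in there
  • I use current_user throughout the institutions controller, but always inside the actions. One of the actions that works whether or not the user is logged in, yet uses current_user, is institutions#show. The previewselectedvisits action is currently empty, and so is the view, but it still returns 401. ApplicationController does not use current_user

Tags: ruby-on-rails-3 devise http-status-code-401 warden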


【Solution 1】:

Check the code of your InstitutionsController and ApplicationController - look for statements with current_user or before_filter in there

 class InstitutionsController < ApplicationController
    before_filter :login_required, :only => [:method1,:method2]
    ...
 end

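It could be that the method you are trying to call is listed as requiring authentication, but you are not logged in.

Can you also post an excerpt of the institutions controller with the preview method?

Another possible problem is that your route may not be defined correctly: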

  match 'visit/schedule/preview' => 'institutions#previewselectedvisits', :as => :preview_visits, :via => :get

Does InstitutionsController really have a method called previewselectedvisits?

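【Comments】:

  • Thank you so much, you beat me to the punch in answering this... you got me headed in the right direction (which was right before I saw this). Many thanks. I had the code before_filter :authenticate_user!, :except => [:index, :show]
  • It won't let me award the bounty for another 23 hours, but I will come back to make sure I do. Thanks again.
  • Remote debugging :) Glad it helped
  • I had been banging my head over this, and was actually so excited that I kicked over a full cup of tea (by accident). You are awesome
  • @Michael I am new to Rails and I have run into a similar problem, but I can't understand how to solve mine, so please help with this: stackoverflow.com/questions/21270126/…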
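
Added example (not part of the original thread, and not Rails or Devise code): a plain-Ruby model of how the `:only` / `:except` options of `before_filter` select actions, run over a subset of the routes from the question with the filter the asker quotes in the comments. `FilterRule`, `audit` and the `AFTER` rule (one possible fix) are hypothetical names and assumptions.

```ruby
# Added example: plain-Ruby model of before_filter action selection.
# Not Rails or Devise code; FilterRule and audit are hypothetical helpers.

# One before_filter declaration with its :only / :except options.
FilterRule = Struct.new(:name, :only, :except) do
  # :only limits the filter to the listed actions; :except runs it on
  # every action that is not listed. With neither, it runs everywhere.
  def applies_to?(action)
    action = action.to_sym
    return false if only && !only.include?(action)
    return false if except && except.include?(action)
    true
  end
end

# Subset of the routes shown in the question (path, controller#action).
ROUTES = [
  ["/institutions",                        "institutions#index"],
  ["/institutions/:id",                    "institutions#show"],
  ["/institutions/:id/vote/:visittype_id", "institutions#vote"],
  ["/visit/schedule/preview",              "institutions#previewselectedvisits"],
  ["/services",                            "services#index"]
].freeze

# Filter quoted by the asker in the comments.
BEFORE = [FilterRule.new(:authenticate_user!, nil, [:index, :show])].freeze
# Assumption: one possible fix, exempting the preview action on purpose.
AFTER = [FilterRule.new(:authenticate_user!, nil,
                        [:index, :show, :previewselectedvisits])].freeze

# Returns [path, action, :public | :login_required] per route of `controller`.
def audit(routes, controller, rules)
  routes.map do |path, target|
    ctrl, action = target.split("#")
    next unless ctrl == controller
    guarded = rules.any? { |rule| rule.applies_to?(action) }
    [path, action, guarded ? :login_required : :public]
  end.compact
end

if __FILE__ == $PROGRAM_NAME
  { "before" => BEFORE, "after" => AFTER }.each do |label, rules|
    puts "#{label}:"
    audit(ROUTES, "institutions", rules).each { |row| puts "  " + row.join("  ") }
  end
end
```

With `:except`, any action not named in the list requires login, so `vote` stays protected in both runs and a newly added action is guarded until it is exempted deliberately.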