【发布时间】:2013-01-10 09:10:26
【问题描述】:
我有一个非常标准的 Devise 登录程序:
查看:
resource_name, :url => session_path(resource_name)) 做 |f| %><%= f.input :password, input_html: {class: "span6"} %>
<% if devise_mapping.rememberable? -%>
<p><%= f.check_box :remember_me %> Remember me</p>
<% end -%>
<input type="hidden" name="after_sign_in_page" value="<%=@after_sign_in_page%>">
<p><%= f.submit "Sign in", class: "btn btn-success" %></p>
我刚刚创建了一个会话控制器来小写电子邮件:
class SessionsController < Devise::SessionsController
def create
params[:user][:email].downcase!
super
logger.debug "Errors: #{resource.errors}"
end
使用良好凭据登录会很好。
使用错误的凭据,它会重定向到带有此日志的登录页面:
Started POST "/users/sign_in" for 127.0.0.1 at 2013-01-10 09:59:44 +0100
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8eytQkr20JOOOdDvpCWakbmUzNoaHMxK9/BSEVxETik=", "user"=>{"email"=>"nicolas@demoreau.be", "password"=>"[FILTERED]", "remember_me"=>"0"}, "after_sign_in_page"=>"", "commit"=>"Sign in"}
Time zone: (GMT+00:00) UTC, current area: , user to register: , current controller: sessions
Completed 401 Unauthorized in 69ms
Processing by SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"8eytQkr20JOOOdDvpCWakbmUzNoaHMxK9/BSEVxETik=", "user"=>{"email"=>"nicolas@demoreau.be", "password"=>"[FILTERED]", "remember_me"=>"0"}, "after_sign_in_page"=>"", "commit"=>"Sign in"}
Rendered devise/sessions/_new.html.erb (17.8ms)
Rendered devise/sessions/new.html.erb within layouts/application (19.7ms)
Rendered layouts/_header.html.erb (66.1ms)
Completed 200 OK in 173ms (Views: 98.3ms | ActiveRecord: 0.9ms)
显然 401 是 Warden 放弃的,但我不知道为什么。 用户被正确重定向回登录页面,但没有显示错误消息(这是正常的,因为它们被重定向清除了)
我做错了什么?
谢谢!
编辑 1:
现在,我找到了一个快速破解方法。我在 SessionsController#new 中添加了这个
if params[:user]
flash[:alert] = "Incorrect login or password"
end
不是很优雅,但至少,我有一些东西。
【问题讨论】:
标签: ruby-on-rails devise warden