Railscasts:从头开始进行身份验证 - Rails 4 中缺少 :session 参数问题
Railscasts: authentication from scratch - missing :session param issue in Rails 4
我正在 Railscast: authentication from scratch in Rails 4,尽管本教程是为 Rails 3 构建的.
因此,必须对原始教程说明进行一些更改。
教程:http://railscasts.com/episodes/250-authentication-from-scratch?autoplay=true
当前运行进入错误
param is missing or the value is empty: session
想法:
- 我比较了下面的 2 个控制器。我对教程的更改是将参数移动到 session_params 方法中。
- 我知道这个错误是因为被 posted 的散列不包含像
"session" => { } 这样的散列。但是我对Rails的理解还不够深入,无法解决。
推荐控制器(rails3)
def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
我的控制器(转换为Rails 4)
def create
user = User.authenticate(session_params)
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
private
def session_params
params.require(:session).permit(:email, :password)
end
到目前为止,我只使用 Devise 进行身份验证,如果您能分享任何建议,在此先感谢您。
更新
根据要求,形成 post 会话
<h1>Log in</h1>
<%= form_tag sessions_path do %>
<p>
<%= label_tag :email %> <br/>
<%= text_field_tag :email, params[:email] %>
</p>
<p>
<%= label_tag :password %> <br/>
<%= password_field_tag :password %>
</p>
<p class="button"> <%= submit_tag %> </p>
<% end %>
更新 2
同时添加 user.rb 型号
class User < ActiveRecord::Base
attr_accessor :password
before_save :encrypt_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, password_salt)
user
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
试试这个:
在sessions_controller.rb
def create
@user = User.find_by(email: params[:session][:email].downcase)
if @user && @user.authenticate(params[:session][:password])
session[:user_id] = @user.id
flash[:success] = "#{@user.email}, Successfully Logged In"
redirect_to root_url, :notice => "Logged in!"
else
flash.now[:danger] = "Incorrect User/Password"
render 'new'
end
end
html形式
<%= form_for :session, url: :sessions do |f| %>
<div class="field">
<%= f.label :email %>
<%= f.email_field :email %>
</div>
<div class="field">
<%= f.label :password %>
<%= f.password_field :password %>
</div>
<%= f.submit "Sign In", class: "button" %>
<% end %>
routes.rb
post 'sessions' => 'sessions#create'
User.rb
class User < ActiveRecord::Base
has_secure_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
end
我正在 Railscast: authentication from scratch in Rails 4,尽管本教程是为 Rails 3 构建的. 因此,必须对原始教程说明进行一些更改。
教程:http://railscasts.com/episodes/250-authentication-from-scratch?autoplay=true
当前运行进入错误
param is missing or the value is empty: session
想法:
- 我比较了下面的 2 个控制器。我对教程的更改是将参数移动到 session_params 方法中。
- 我知道这个错误是因为被 posted 的散列不包含像
"session" => { }这样的散列。但是我对Rails的理解还不够深入,无法解决。
推荐控制器(rails3)
def create
user = User.authenticate(params[:email], params[:password])
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
我的控制器(转换为Rails 4)
def create
user = User.authenticate(session_params)
if user
session[:user_id] = user.id
redirect_to root_url, :notice => "Logged in!"
else
flash.now.alert = "Invalid email or password"
render "new"
end
end
private
def session_params
params.require(:session).permit(:email, :password)
end
到目前为止,我只使用 Devise 进行身份验证,如果您能分享任何建议,在此先感谢您。
更新
根据要求,形成 post 会话
<h1>Log in</h1>
<%= form_tag sessions_path do %>
<p>
<%= label_tag :email %> <br/>
<%= text_field_tag :email, params[:email] %>
</p>
<p>
<%= label_tag :password %> <br/>
<%= password_field_tag :password %>
</p>
<p class="button"> <%= submit_tag %> </p>
<% end %>
更新 2
同时添加 user.rb 型号
class User < ActiveRecord::Base
attr_accessor :password
before_save :encrypt_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, password_salt)
user
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
end
试试这个:
在sessions_controller.rb
def create
@user = User.find_by(email: params[:session][:email].downcase)
if @user && @user.authenticate(params[:session][:password])
session[:user_id] = @user.id
flash[:success] = "#{@user.email}, Successfully Logged In"
redirect_to root_url, :notice => "Logged in!"
else
flash.now[:danger] = "Incorrect User/Password"
render 'new'
end
end
html形式
<%= form_for :session, url: :sessions do |f| %>
<div class="field">
<%= f.label :email %>
<%= f.email_field :email %>
</div>
<div class="field">
<%= f.label :password %>
<%= f.password_field :password %>
</div>
<%= f.submit "Sign In", class: "button" %>
<% end %>
routes.rb
post 'sessions' => 'sessions#create'
User.rb
class User < ActiveRecord::Base
has_secure_password
validates_confirmation_of :password
validates_presence_of :password, :on => :create
validates_presence_of :email
validates_uniqueness_of :email
end