curl在rails app中通过终端创建关联请求
[英]curl POST create association request via terminal in rails app
问题描述
I am trying to create CRUD api for my app, which has two models: User and Group, which have many-to-many association through :memberships table. 
我正在尝试为我的应用创建CRUD api,该应用有两个模型:User和Group,它们通过:memberships表具有多对多关联。
For authentication I use Devise (with :token_authenticatable option enabled) 对于身份验证,我使用Devise(启用:token_authenticatable选项)
I want to test API using curl. 我想使用curl测试API。
Sign Up works perfectly 注册效果很好
curl -v -H 'Content-Type: application/json' -H 'application/vnd.greenapp.v1' -X POST http://localhost:3000/api/registrations -d "{\"user\":{\"email\":\"user1@example.com\",\"name\":\"username\",\"password\":\"secret\",\"password_confirmation\":\"secret\"}}"
with response 有回应
{"success":true,"info":"Welcome! You have signed up successfully.","data":{"user":{"created_at":"2013-08-04T11:14:35Z","email":"user@example.com","id":2,"name":"username","updated_at":"2013-08-04T11:14:35Z"},"auth_token":"Eqp8jYsr5ExeNWbzrqef"}}* Closing connection #0
but I am struggling to find solution to create groups via API. 但我一直在努力寻找通过API创建群组的解决方案。 I tried 我试过了
curl -v -H 'Content-Type: application/json' -H 'application/vnd.greenapp.v1' -X POST http://localhost:3000/api/groups -d "{\"group\":{\"name\":\"groupname\",\"desc\":\"group description\"}}"
which returns (in server logs) 返回(在服务器日志中)
RuntimeError (Called id for nil, which would mistakenly be 4 -- if you really wanted the id of nil, use object_id): app/controllers/api/v1/groups_controller.rb:49:in `create'
So here is my groups controller: 所以这是我的群组控制器:
class Api::V1::GroupsController < ApplicationController
skip_before_filter :verify_authenticity_token,
:if => Proc.new { |c| c.request.format == 'application/json' }
respond_to :json
def new
@group = Group.new
respond_to do |format|
format.html # new.html.erb
format.json { render json: @group }
end
end
def create
@group = Group.new(params[:group])
@group.memberships.build(user_id: current_user.id)
respond_to do |format|
if @group.save
format.html { redirect_to @group, notice: 'Group was successfully created.' }
format.json { render json: @group, status: :created, location: @group }
else
format.html { render action: "new" }
format.json { render json: @group.errors, status: :unprocessable_entity }
end
end
end
end
Any ideas? 有任何想法吗?
Update 更新
SessionsCotroller SessionsCotroller
class Api::V1::SessionsController < Devise::SessionsController
skip_before_filter :verify_authenticity_token,
:if => Proc.new { |c| c.request.format == 'application/json' }
respond_to :json
def create
warden.authenticate!(:scope => resource_name, :store => false, :recall => "# {controller_path}#failure")
render :status => 200,
:json => { :success => true,
:info => t("devise.sessions.signed_in"),
:data => { :auth_token => current_user.authentication_token } }
end
def destroy
warden.authenticate!(:scope => resource_name, :store => false, :recall => "#{controller_path}#failure")
current_user.reset_authentication_token!
render :status => 200,
:json => { :success => true,
:info => t("devise.sessions.signed_out"),
:data => {} }
end
def failure
render :status => 401,
:json => { :success => false,
:info => "Login Failed",
:data => {} }
end
end
1 个解决方案
解决方案1
2 已采纳 2013-08-04 11:49:26
Your current_user instance is nil. 您的current_user实例为nil。 As part of your curl command you will need to supply the login credentials and ensure that your code logs in using those credentials as part of your before_filter. 作为curl命令的一部分,您将需要提供登录凭据,并确保您的代码使用这些凭据作为before_filter的一部分进行登录。
I'm surprised you are not getting an authentication exception. 我很惊讶您没有收到身份验证异常。 But maybe you haven't implemented your authentication system properly. 但是也许您没有正确实施身份验证系统。
To log in with an api you really need to be using HTTP BASIC authentication with a user name and password or to use some form of auth token. 要使用api登录,您确实需要使用带有用户名和密码的HTTP BASIC身份验证,或使用某种形式的auth令牌。
Unable to advise further as you have not supplied any information about your authentication functionality. 由于您未提供有关身份验证功能的任何信息,因此无法提供进一步的建议。
ps You really should write a test for this. ps你真的应该为此写一个测试。
UPDATE IN RESPONSE TO COMMENTS 更新以回应评论
Remove the skip_before_filter :verify_authenticity_token from your groups controller and supply a valid auth token along with your curl command. 从网上论坛控制器中删除skip_before_filter:verify_authenticity_token并提供有效的身份验证令牌以及curl命令。 I've never used devise or warden so I'm not entirely sure if you are going to face redirect issues. 我从未使用过devise或warden,所以我不确定是否会遇到重定向问题。
I usually find it is far simpler to roll my own authentication and it focuses the mind on making sure that ssl is forced on the right controller actions and gets me thinking about SSL certs for the web server and all those other little security things that tend to get forgotten about when you rely on a gem. 我通常发现,进行自己的身份验证要容易得多,它着眼于确保ssl被强制执行正确的控制器操作,并使我思考用于Web服务器的SSL证书以及所有其他可能导致安全问题的小安全问题。当您依赖宝石时会被遗忘。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.