How to check user logged in and make Backbone get/post to Rails backend? (+Devise)

I have a Rails backend which uses Devise, and a decoupled Backbone frontend on a separate site.

I'd like to have Backbone make GET calls to the separate Rails server to my Items resource. Based on:

  1. If user is not logged in, make the GET call with some default parameters
  2. If user is logged in, make the GET call with user.attribute as a parameter

I also want to allow the user to POST to edit account details (e.g., user.attribute).


How do I:

  1. Check if user is logged in / allow user to log in from Backbone or separate Rails site
  2. Pull the logged-in user's attribute
  3. Verify authenticity when POSTing

TL;DR How to share a session between Devise and Backbone? How to make calls using that session? Is session sharing the right structure?

I've seen this answer and my understanding thus far is:

  • Backbone passes user's login information in a GET to Devise /signin
  • Rails sends a session cookie back and other stuff that I somehow save in Backbone somewhere
  • Each time Backbone makes GET or POST calls, I use that session cookie and other stuff? and Rails/Devise verifies it somehow

Thanks in advance -

It's best for the front end to initially assume that the user is logged in, make the request, and for the server to fail the request back with a 401, 403, or similar response code, indicating to the front end that the user is not authenticated. The front end should then make whatever calls are necessary to authenticate the user, and then reissue the original request(s) for the user as appropriate.
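The flow described in the answer above, as an added example that is not part of the original answer: the client sends each request optimistically, authenticates once when the server answers 401 or 403 (even if several requests fail at the same time), and reissues each original request a single time. The `transport` and `authenticate` hooks, the in-memory backend and the `/items`, `/account` and `/admin` paths are assumptions made for illustration; in a browser `transport` would wrap the real cross-site call to the Rails server.

```javascript
// Added example. `transport` and `authenticate` are hypothetical hooks:
// transport(req) -> Promise<{status, body}>, authenticate() -> Promise<void>.
const AUTH_STATUSES = [401, 403]; // codes the answer lists as "not authenticated"

function createClient(transport, authenticate) {
  let pendingAuth = null; // shared so concurrent failures trigger one login

  function ensureAuth() {
    if (!pendingAuth) {
      pendingAuth = Promise.resolve()
        .then(authenticate)
        .finally(() => { pendingAuth = null; });
    }
    return pendingAuth;
  }

  // Send optimistically; on an auth failure, authenticate and reissue once.
  return async function request(req) {
    const first = await transport(req);
    if (!AUTH_STATUSES.includes(first.status)) return first;
    await ensureAuth();
    // Single retry: a second 401/403 goes back to the caller, never looped on.
    return transport(req);
  };
}

// Constructed in-memory backend standing in for the Rails API.
function makeFakeBackend() {
  const state = { loggedIn: false, logins: 0, calls: 0 };
  const transport = async (req) => {
    state.calls += 1;
    if (req.path === '/admin') return { status: 403, body: null }; // always denied
    if (!state.loggedIn) return { status: 401, body: null };
    return { status: 200, body: { path: req.path } };
  };
  const authenticate = async () => { state.logins += 1; state.loggedIn = true; };
  return { state, transport, authenticate };
}

async function demo() {
  const { state, transport, authenticate } = makeFakeBackend();
  const request = createClient(transport, authenticate);
  // Two requests fail together; one login serves both, then both are reissued.
  const [a, b] = await Promise.all(
    ['/items', '/account'].map((path) => request({ method: 'GET', path })));
  const loginsAfterPair = state.logins;
  const denied = await request({ method: 'GET', path: '/admin' });
  return { a: a.status, b: b.status, loginsAfterPair, denied: denied.status, calls: state.calls };
}
```

The single-retry cap matters because a 403 can also mean "logged in but not allowed"; without it the client would prompt for login in a loop.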
