PayPal IPN无法通过网站登录

Question

I am working on a ruby on rails project and need to use Paypal to allow a user to buy some coins usable on the website. To make the process as simple as possible I am just using a buy now button supplied by Paypal. The button is set up to notify a URL that will add the coins to a current user when accessed.

The website is set up so that if you are not logged in you can not access any page on the site. Here in lies the problem. I assumed that devise would be able to access the URL Paypal is trying to use by using the account last logged in. This dose not seem to be the case as tailing the heroku logs informs me that Paypal tries to go to the correct URL but is then forwarded to the sign in screen and the coins are not added.

In short my question is how can I allow the Paypal IPN to bypass the sign in screen while keeping the info for the last user that was signed in (So that I can access the correct current user in the code)

Hopefully I have provided enough info. If not I can post any requested code, or logs. Thanks for any assistance.

Update Useing the code below the program no longer forwards to paypal. Unfortunately current user is now null. So now the question becomes how can I retain the current use information?

Controller the url points to

class PaymentNotificationsController < ApplicationController
before_action :authenticate_user!, :except => [:create]
# POST /payment_notifications
# POST /payment_notifications.json

def create
puts "made it here"
#PaymentNotification.create!(:params => params)
current_user.coins += 100
current_user.save!
render :nothing => true
end

end

Aplication Controller

class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
before_action :authenticate_user!
skip_before_filter :verify_authenticity_token
end

Answer 1

我不太熟悉PayPal的工作原理，我猜想对端点使用：require_no_authentication可以使Paypal访问并使用令牌来限制访问。