[英]Rails 5 + Devise: ActionController::InvalidAuthenticityToken
I created a new app with Rails 5 and Devise, set the authentication and everything was working well for a few weeks. 我使用Rails 5和Devise创建了一个新应用程序,设置了身份验证,并且一切正常运行了几个星期。
Today, I tried to log in on the production server and got this error: 今天,我尝试登录生产服务器并收到此错误:
ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken
After some googling, I found out that I need to do this change: 经过一番谷歌搜索,我发现我需要进行此更改:
class ApplicationController < ActionController::Base
#protect_from_forgery with: :exception # because of Devise + Rails 5 behavior
protect_from_forgery prepend: true
def after_sign_in_path_for(resource_or_scope)
my_listings_path
end
def after_sign_out_path_for(resource_or_scope)
root_path
end
end
After this change and deploy on the production server, I try to log in - and error. 进行此更改并将其部署在生产服务器上后,我尝试登录-和错误。 But a different one - now the app redirects me on my_listings_path
(which is all correct), but the problem is that I get this error: 但是不同的是-现在应用程序将我重定向到my_listings_path
(这是正确的),但是问题是我遇到了以下错误:
NoMethodError: undefined method `listings' for nil:NilClass
So I look what is the problem here, and: 所以我看这里是什么问题,并且:
@listings = current_user.listings.order('id DESC')
which means that current_user
is empty ( nil
) -- how come? 这意味着current_user
为空( nil
)-为什么呢? Also, I have in the <head>
tag on the website this: 另外,我在网站的<head>
标记中具有以下内容:
<%= csrf_meta_tags %>
Another note - on localhost, everything is working well, but on the production server I am keep getting those error messages. 另一个注意事项-在localhost上,一切正常,但是在生产服务器上,我一直在收到这些错误消息。
Any advise? 有什么建议吗?
Thank you! 谢谢!
You need to set before_action :authenticate_user!
您需要设置before_action :authenticate_user!
in your controller if you want current_user
to work. 如果希望current_user
工作,请在控制器中输入。 I'm guessing that the reason it's working on localhost for you, is because you somehow have the current_user set in your session. 我猜测它为您在localhost上运行的原因是因为您在会话中以某种方式设置了current_user。 I don't think it works if you try in incognito. 如果您尝试使用隐身模式,我认为它不起作用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.