在 Rails 上使用 Ruby 您可以使用会话和身份验证(gem bcrypt)拥有多种用户类型吗?
[英]Using Ruby on rails can you have multiple user types using sessions and authentication (gem bcrypt)?
问题描述
Sorry if the question is worded strangely, but this is the scenario I am dealing with here:
对不起,如果这个问题的措辞很奇怪,但这是我在这里处理的场景:
I am attempting to make a basic web app using rails for an assigned project and chose to create an online version of a pharmacy basically.我正在尝试使用 rails 为分配的项目制作一个基本的 web 应用程序,并选择创建一个药房的在线版本。 There will be more complication later, but for now I believe I just need to make a Patient model, controller, routes, and views, and want to have login authentication using a gem called bcrypt, as well as a Doctor that does all the same stuff but they would discretely access their own view pages and only be able to after authentication.以后会有更多的复杂情况,但现在我相信我只需要制作一个 Patient model、controller、路由和视图,并希望使用名为 bcrypt 的 gem 进行登录身份验证,以及做同样操作的 Doctor东西,但他们会离散地访问自己的视图页面,并且只能在身份验证后才能访问。 I am using a session controller and have session views as well.我正在使用 session controller 并且也有 session 视图。 It's getting complicated for me at this point since I am pretty new to programming and I have not been able to find an answer to the question of whether one would make it all happen through just "Users" (how all examples and tutorials do it), or through separate user types as I am currently attempting to set it up (ie 'Patients' and 'Doctors').在这一点上,这对我来说变得越来越复杂,因为我对编程还很陌生,而且我无法找到一个问题的答案,即是否可以通过“用户”来实现这一切(所有示例和教程都是如何做到的) ,或通过我目前尝试设置的不同用户类型(即“患者”和“医生”)。 I really appreciate any help.我真的很感激任何帮助。 I will do my best to clarify more if needed.如果需要,我会尽力澄清更多。
2 个解决方案
解决方案1
0 2020-05-27 08:34:05
Using 'Devise' gem (and its extensions) you can do all these things including multiple user types.使用“设计”gem(及其扩展),您可以做所有这些事情,包括多种用户类型。 By the way, devise is actually using bcrypt in its own implementation.顺便说一句,devise 实际上是在自己的实现中使用 bcrypt。
https://github.com/heartcombo/devise https://github.com/heartcombo/devise
解决方案2
0 已采纳 2020-07-02 23:15:00
I do appreciate the response to the question, however I was specifically attempting to not use Devise for this project.我很欣赏对这个问题的回答,但是我特别试图不为这个项目使用 Devise。 We ended up abstracting the sessions such that either type of user could have a session, authentication, and authorization in order to make it secure based on which route was selected basically.我们最终对会话进行了抽象,这样任何一种类型的用户都可以拥有 session、身份验证和授权,以便根据基本选择的路由使其安全。 That way, we did not need to make a separate session view and controller for the separate user types.这样,我们不需要为单独的用户类型制作单独的 session 视图和 controller。 The most important thing was this bit of code in the SessionsController:最重要的是 SessionsController 中的这段代码:
def create
if params[:patient]
@patient = Patient.find_by(email: params[:email])
if @patient && @patient.authenticate(params[:password])
session[:patient_id] = @patient.id
redirect_to @patient
else
render 'patients/login'
end
elsif params[:doctor]
@doctor = Doctor.find_by(email: params[:email])
if @doctor && @doctor.authenticate(params[:password])
session[:doctor_id] = @doctor.id
redirect_to @doctor
else
render 'doctors/login'
end
end
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.