[英]Rails API Devise JWT disable sessions store
I'm using Rails 7 API only and gem devise-jwt
to authentication.我仅使用 Rails 7 API 和 gem devise
devise-jwt
进行身份验证。 Firstly, this is tutorial to setup: https://dakotaleemartinez.com/tutorials/devise-jwt-api-only-mode-for-authentication/首先,这是设置教程: https://dakotaleemartinez.com/tutorials/devise-jwt-api-only-mode-for-authentication/
It has a trouble, when i call API register new account, it shows a error: Your application has sessions disabled. To write to the session you must first configure a session store
它有一个问题,当我拨打 API 注册新帐户时,它显示错误:
Your application has sessions disabled. To write to the session you must first configure a session store
Your application has sessions disabled. To write to the session you must first configure a session store
I try to fix this issue (Add session store configuration into the application config)我尝试解决此问题(将 session 商店配置添加到应用程序配置中)
config.session_store :cookie_store, key: '_rails7_api_session'
config.middleware.use ActionDispatch::Cookies
config.middleware.use config.session_store, config.session_options
=> It worked, but i faced with the second trouble. => 它起作用了,但我遇到了第二个麻烦。 I defined a "/me" route to get current user.
我定义了一个“/me”路由来获取当前用户。 In theory, I need to pass the
Authorization
parameter on the header to be able to get the current user data (I'm using Postman).理论上,我需要在 header 上传递
Authorization
参数才能获取当前用户数据(我使用的是 Postman)。 But somehow (Probably because of session) I get the user data without the Authorization
parameter on the header.但不知何故(可能是因为会话)我在 header 上获得了没有
Authorization
参数的用户数据。
I want to fix this issue.我想解决这个问题。 Somebody can help me, please?
有人可以帮助我吗?
In the related /me
controller, have you put before_action:authenticate_user!
在相关的
/me
controller 中,你有没有把before_action:authenticate_user!
in the controller?在 controller 中?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.