仅限Rails 5 Api-设计-反应-simple_token_authentication

Question

我有一个React前端和一个Rails 5 API仅后端，并且我正在尝试使simple_token_authentication gem起作用。 尝试登录时出现此错误：

Started POST "/users/sign_in.json" for 100.38.166.199 at 2017-05-05 02:31:24 +0000
Processing by Users::SessionsController#create as JSON
  Parameters: {"email"=>"test17@example.com", "password"=>"[FILTERED]", "session"=>{"email"=>"test17@example.com", "password"=>"[FILTERED]"}}
Completed 401 Unauthorized in 2ms (ActiveRecord: 0.0ms)

我怀疑它与CSRF有关。 我有时会收到CSRF真实性错误消息，但奇怪的是并非总是如此

这是我的路线：

Rails.application.routes.draw do

  devise_for :users, controllers: {
    sessions: 'users/sessions',
    registrations: 'users/registrations'
  }

  devise_for :admin_users, ActiveAdmin::Devise.config
  ActiveAdmin.routes(self)
  # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html

scope module: 'api' do
  namespace :v1 do
    resources :properties
    end  
  end
end

我的应用程序控制器（之所以有它，是因为我也在使用ActiveAdmin）

class ApplicationController < ActionController::Base
  respond_to :json
  acts_as_token_authentication_handler_for User, fallback_to_devise: false
end

这是在客户端发布请求的样子

export function signinUser({ email, password }) {
  return function(dispatch){

  //submit email password to the server
  axios.post(`${ROOT_URL}/users/sign_in.json`, { email, password })
    .then(response => {
      //if request is good, update state to indicate user is authenticated
      dispatch({ type: AUTH_USER});
      //-save the jwt token
      localStorage.setItem('authentication_token', response.data.token);
      //-redirect route somewhere
      browserHistory.push('/test');
    })
    .catch( error => {
    //if request is bad, show an error to the user
    dispatch(authError(error));
    })

  };

}

Answer 1

尝试：

acts_as_token_authentication_handler_for User, fallback: :exception

请注意， fallback: :none或fallback: :exception语法优于fallback_to_devise: false 。