[英]Rails devise-jwt session storage
devise-jwt gem 文檔說,如果啟用了 session 存儲,則必須跳過它以進行 jwt 身份驗證。 它說你應該在 devise.rb 上設置:
config.skip_session_storage = [:http_auth, :params_auth]
你應該禁用:database_authenticable。 這部分我完全不明白。 如果在我的用戶 model 中,我刪除:database_authenticable,我為登錄配置的路由不可用:
ActionController::RoutingError (沒有路由匹配 [POST] "/login"):
用戶.rb
class User < ApplicationRecord
rolify role_join_table_name: 'public.user_roles'
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
# devise :database_authenticatable,
devise :registerable,
:recoverable,
:rememberable,
:validatable,
:jwt_authenticatable,
jwt_revocation_strategy: Devise::JWT::RevocationStrategies::Null
end
devise.rb
config.skip_session_storage = %i[http_auth params_auth]
路線.rb
Rails.application.routes.draw do
# For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
devise_for :users, defaults: { format: :json },
path: '',
path_names: {
sign_in: 'login',
sign_out: 'logout',
registration: 'signup'
},
controllers: {
sessions: 'users/sessions',
registrations: 'users/registrations'
}
end
我應該怎么做才能保留 session,而不是 jwt 身份驗證?
好吧,在調整了我在這篇文章https://blog.siliconjungles.io/devise-jwt-with-sessions-hybrid中找到的解決方案后,答案如下:
猴子補丁:config/initializers/warden/proxy.rb
module Warden
class Proxy
def user(_argument = {})
if request.format.json?
return nil
end
end
end
end
並且您必須為 api 身份驗證和默認行為分開路由:
路線.rb
namespace :api do
namespace :v1 do
devise_scope :user do
post 'auth/signup', to: 'registrations#create'
post 'auth/signin', to: 'sessions#create'
delete 'auth/signout', to: 'sessions#destroy'
end
end
end
devise_for :users
使用Ruby On Rails中的Devise-jwt作為后端以及Vuejs作為前端的用戶身份驗證
[英]User authentication with Devise-jwt in Ruby On Rails as backend and Vuejs as frontend
登錄后,Rails devise-jwt gem是否不會在用戶中更新jti?
[英]Rails devise-jwt gem is not updating jti in the user after login?
Rails 6 - devise-jwt 黑名單撤銷策略在退出時沒有發生
[英]Rails 6 - devise-jwt Blacklist revocation strategy not happening on sign out
在 Rails 中將 devise-jwt 添加到現有用戶 model 時出現問題
[英]Issues when adding devise-jwt to a existente User model in Rails
Rails Devise-JWT,如何配置devise.rb以添加dispatch_requests
[英]Rails Devise-JWT, how to configure devise.rb to add a dispatch_requests
如何在rails api中使用devise-jwt設計登錄,注冊和注銷
[英]How to use devise-jwt with devise for signin, signup and signout in rails api
TypeError(沒有將 nil 隱式轉換為 String)Rails devise-jwt gem 在生產環境中
[英]TypeError (no implicit conversion of nil into String) Rails devise-jwt gem on Production environment
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.