所以我有一个简单的创建方法:
def create
byebug
user = User.create!(user_params)
session[:user_id] = user.id
render json: user, status: :created
end
def user_params
params
.require(:user)
.permit(
:id,
:username,
:first_name,
:last_name,
:role,
:team_id,
:is_team_lead,
:avatar,
:password,
:email,
)
end
当我点击byebug时,我检查了我的参数:#<ActionController::Parameters {"username"=>"User1", "first_name"=>"UserFirst", "last_name"=>"UserLast", "email"=>"abcd@test.com", "is_team_lead"=>false, "avatar"=>"", "password"=>"123456", "controller"=>"users", "action"=>"create", "user"=>{"username"=>"User1", "first_name"=>"UserFirst", "last_name"=>"UserLast", "is_team_lead"=>false, "avatar"=>"", "email"=>"abcd@test.com"}} permitted: false>
我注意到最后在用户对象中丢失了密码参数。为什么会发生这种情况?
注意:我使用的是bcrypt,我的模型有has_secure_password。我还检查了我的模式,它有密码。
我解决了我的问题。我没有将我的提取包装在一个用户对象中,比如:
body: JSON.stringify({
user: {
username: userInfo.username,
first_name: userInfo.first_name,
last_name: userInfo.last_name,
email: userInfo.email,
is_team_lead: false,
avatar: userInfo.avatar,
password: userInfo.password,
},
}),
我还发现我本可以把它添加到我的UserController中来解决这个问题:
wrap_parameters :user,
include: %i[
id
username
first_name
last_name
role
team_id
is_team_lead
avatar
password
email
]