使用ng令牌身份验证和devise_token_auth时,在DeviseTokenAuth::PasswordsController#编辑成功响应处理后,登录用户遇到问题。
是否应在单击密码请求链接并验证链接后自动创建auth_headers?
在成功处理并向用户颁发新令牌后,似乎不会创建cookie。
用户是使用电子邮件作为提供程序创建的。
我以为这与updateHeadersFromResponse防护有关,但在测试了不同的场景后,我无法获得cookie集。
使用:
"ng令牌身份验证":"~0.0.24"devise_toke_auth","0.1.32.β5"
发动机安装
mount_devise_token_auth_for 'User', at: 'api/v1/auth'
配置:
$authProvider.configure
apiUrl: '/api/v1'
camelcase: true
passwordResetSuccessUrl: "http://#{window.location.host}/passwords/new"
记录
I, [2015-02-25T13:51:01.777006 #9165] INFO -- : Processing by DeviseTokenAuth::PasswordsController#edit as HTML
I, [2015-02-25T13:51:01.777336 #9165] INFO -- : Parameters: {"config"=>"default", "redirect_url"=>"http://localhost:9000/passwords/new", "reset_password_token"=>"3jFKJQf7kvs9-zfF9wnc"}
D, [2015-02-25T13:51:01.778220 #9165] DEBUG -- : Unpermitted parameters: config, redirect_url
D, [2015-02-25T13:51:01.780147 #9165] DEBUG -- : User Load (0.6ms) SELECT "users".* FROM "users" WHERE "users"."reset_password_token" = $1 ORDER BY "users"."id" ASC LIMIT 1 [["reset_password_token", "c9ca932cda8b75ac015400c0f68e574b068d508a3b5b0d7876dbc3499323efc2"]]
D, [2015-02-25T13:51:01.793581 #9165] DEBUG -- : (0.3ms) BEGIN
D, [2015-02-25T13:51:01.833572 #9165] DEBUG -- : SQL (0.6ms) UPDATE "users" SET "reset_password_token" = $1, "reset_password_sent_at" = $2, "confirmed_at" = $3, "updated_at" = $4 WHERE "users"."id" = $5 [["reset_password_token", nil], ["reset_password_sent_at", nil], ["confirmed_at", "2015-02-25 19:51:01.815839"], ["updated_at", "2015-02-25 19:51:01.822137"], ["id", 1]]
D, [2015-02-25T13:51:01.839142 #9165] DEBUG -- : (0.7ms) COMMIT
D, [2015-02-25T13:51:01.912693 #9165] DEBUG -- : (0.3ms) BEGIN
D, [2015-02-25T13:51:01.946934 #9165] DEBUG -- : SQL (1.0ms) UPDATE "users" SET "tokens" = $1, "reset_password_token" = $2, "confirmed_at" = $3, "updated_at" = $4 WHERE "users"."id" = $5 [["tokens", "{....}"], ["reset_password_token", "3jFKJQf7kvs9-zfF9wnc"], ["confirmed_at", "2015-02-25 19:51:01.932491"], ["updated_at", "2015-02-25 19:51:01.936220"], ["id", 1]]
D, [2015-02-25T13:51:01.968907 #9165] DEBUG -- : (0.7ms) COMMIT
I, [2015-02-25T13:51:01.969659 #9165] INFO -- : Redirected to http://localhost:9000/passwords/new#?client_id=zi5ihgfTaJDQ3tFukpVDfA&config=default&expiry=&reset_password=true&token=kL7diwIIKNuAX-NGEVhwDA&uid=jackson%40lodestonesocial.com
I, [2015-02-25T13:51:01.969929 #9165] INFO -- : Completed 302 Found in 192ms (ActiveRecord: 4.2ms)
在重定向之前,我确实在请求中看到了Cookie-auth标头。
Remote Address:127.0.0.1:9000
Request URL:http://localhost:9000/api/v1/auth/password/edit?config=default&redirect_url=http%3A%2F%2Flocalhost%3A9000%2Fpasswords%2Fnew&reset_password_token=mb3nwTppyELyHwzi8ZD7
Request Method:GET
Status Code:302 Moved Temporarily
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:mousestats_vi=e0efc4fe54f55ac24932; s_fid=1511233B84249BCF-2A70FF9576CEA8FF; __atuvc=2%7C37; _ga=GA1.1.874460992.1415391225; auth_headers=%7B%22access-token%22%3A%22s5U7OQDrABl-MM0kQzGGEw%22%2C%22token-type%22%3A%22Bearer%22%2C%22client%22%3A%22kjx3B-9SaMXIxR__PM2A9A%22%2C%22expiry%22%3A%221426114814%22%2C%22uid%22%3A%22jackson%40lodestonesocial.com%22%7D; currentConfigName=default
Host:localhost:9000
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36
Query String Parametersview sourceview URL encoded
config:default
redirect_url:http://localhost:9000/passwords/new
reset_password_token:mb3nwTppyELyHwzi8ZD7
Response Headers
cache-control:no-cache
connection:close
content-type:text/html; charset=utf-8
date:Thu, 26 Feb 2015 00:01:25 GMT
location:http://localhost:9000/passwords/new#?client_id=5K0492gspvoxQkG2cDW_3w&config=default&expiry=&reset_password=true&token=fHmDzTN4hGpZTzrpZ0tfdQ&uid=jackson%40lodestonesocial.com
status:302 Found
Transfer-Encoding:chunked
x-content-type-options:nosniff
x-frame-options:SAMEORIGIN
x-request-id:0b96ae82-8a43-4cef-8f2a-2ca443b62ef6
x-runtime:0.222208
x-xss-protection:1; mode=block
非常感谢您的帮助!
我刚才遇到了类似的问题,我只是重写了PasswordController
:
module Overrides
class PasswordsController < DeviseTokenAuth::PasswordsController
def resource_params
params.permit(:your_params)
end
end
end
确保您也相应地配置了路由文件:
mount_devise_token_auth_for 'User', at: 'auth', controllers: {
passwords: 'overrides/passwords'
}
此外,对我来说,因为我正在修改密码重置,我不得不修改我的设备用户模型以使用可确认的,并添加了一个电子邮件配置。
希望能有所帮助!