这是我用于"当用户尝试登录两次或三次失败时"的功能。
class Users::SessionsController < Devise::SessionsController
prepend_before_filter :require_no_authentication, :only => [ :new, :create ]
prepend_before_filter :allow_params_authentication!, :only => :create
prepend_before_filter { request.env["devise.skip_timeout"] = true }
def new
cookies[:login_attempts] = cookies[:login_attempts] || 0
if params[:user] && cookies[:email].eql?(params[:user][:email]
cookies[:login_attempts] = cookies[:login_attempts].to_i + 1
else
cookies[:login_attempts] = 0
end
end
self.resource = resource_class.new(sign_in_params)
clean_up_passwords(resource)
respond_with(resource, serialize_options(resource))
end
# POST /resource/sign_in
def create
cookies[:email] = params[:user][:email]
self.resource = warden.authenticate!(auth_options)
if cookies[:email]
cookies[:login_attempts] = 0
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
else
unless params[:user][:email].blank?
if cookies[:email].eql?(params[:user][:email])
cookies[:login_attempts] = cookies[:login_attempts].to_i + 1
else
cookies[:login_attempts] = 0
end
end
render :new
end
end end
会话中/新:
<% if cookies[:login_attempts].to_i >= 3 %>
<div><%= raw recaptcha_tags %></div>
<% end %>
我能够成功地显示captcha,但在哪里可以为上述控制器添加"if-verify_captcha"验证。这很令人困惑。请尽力帮我。
我在我的一个项目中用以下控制器实现了相同的逻辑:
class Devs::SessionsController < Devise::SessionsController
prepend_before_filter :captcha_valid, :only => [:create]
layout 'devise'
def new
cookies[:login_attempts] ||= 0
cookies[:login_attempts] = cookies[:login_attempts].to_i + 1
end
def captcha_valid
if cookies[:login_attempts] && cookies[:login_attempts].to_i > 3
if verify_recaptcha
true
else
build_resource
respond_with_navigational(resource) { render :new }
end
end
end
end
这确实有点令人困惑,但我们不需要在"新"操作中检查重述,此操作仅用于显示登录页面。我们只需要在"创建"操作中检查repatcha,事实上,这就是会话的创建位置。因此,我们有一行prepend_before_filter :captcha_valid, :only => [:create]
,它将调用方法captcha_valid
并进行必要的验证。
我希望它能有所帮助。
这对我来说很好:
class Users::SessionsController < Devise::SessionsController
prepend_before_action :recaptcha, only: [:create]
def recaptcha
if not verify_recaptcha
redirect_to "/users/sign_in"
return false
end
end
def create
# custom sign-in code
end
end