3
我在Rails 4.2上使用了devise-token-auth gem,并且我在User模型中添加了一个字段nickname。我想通过创业板控制器DeviseTokenAuth控制器的强参数覆盖
class Users::RegistrationsController < DeviseTokenAuth::RegistrationsController
before_filter :configure_permitted_parameters
def update
#this line never shows in the logs
Rails.logger.info "I never get to run!!"
super
end
protected
# my new custom field is :nickname
def configure_permitted_parameters
devise_parameter_sanitizer.for(:sign_up) do |u|
u.permit(:name, :nickname,
:email, :password, :password_confirmation)
end
devise_parameter_sanitizer.for(:account_update) do |u|
u.permit(:name,
:email, :password, :password_confirmation, :nickname)
end
end
end
的路由配置这样的覆盖来实现这一点:
Rails.application.routes.draw do
namespace :api, constraints: { format: 'json' } do
mount_devise_token_auth_for 'User', at: 'auth', controllers: {
registrations: 'users/registrations'
}
end
end
,他们似乎有关的权利:
PATCH /api/auth(.:format) users/registrations#update {:format=>"json"}
PUT /api/auth(.:format) users/registrations#update {:format=>"json"}
然后我试着致电curl更新
curl -X PUT --dump-header headers_update -H "Access-Token: 2FHhLQFtIgDfSqsTaaCH_g" -H "Uid: [email protected]" -H "Client: -RUtwnCfgqvqwDjYPtajQA" -H "Token-Type: Bearer" -H "Expiry: 1447713314" http://api.local.dev:3000/api/auth -d "{ \"nickname\":\"somestuff\"}"
但更新调用永远不会运行。这是显示了请求后,服务器:
I, [2015-11-02T18:05:38.131091 #7940] INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.131222 #7940] INFO -- : Started PUT "/api/auth" for 127.0.0.1 at 2015-11-02 18:05:38 -0500
I, [2015-11-02T18:05:38.147209 #7940] INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147383 #7940] INFO -- : Processing by Users::RegistrationsController#update as */*
I, [2015-11-02T18:05:38.147490 #7940] INFO -- : Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
I, [2015-11-02T18:05:38.147571 #7940] INFO -- : Parameters: {"{ \"nickname\":\"somestuff\"}"=>nil}
D, [2015-11-02T18:05:38.152778 #7940] DEBUG -- : User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1 [["uid", "[email protected]"]]
D, [2015-11-02T18:05:38.152934 #7940] DEBUG -- : User Load (0.7ms) SELECT "users".* FROM "users" WHERE "users"."uid" = $1 LIMIT 1 [["uid", "[email protected]"]]
D, [2015-11-02T18:05:38.224790 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
D, [2015-11-02T18:05:38.225023 #7940] DEBUG -- : Unpermitted parameter: { "nickname":"somestuff"}
I, [2015-11-02T18:05:38.237415 #7940] INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237565 #7940] INFO -- : Filter chain halted as :validate_account_update_params rendered or redirected
I, [2015-11-02T18:05:38.237741 #7940] INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)
I, [2015-11-02T18:05:38.237860 #7940] INFO -- : Completed 422 Unprocessable Entity in 90ms (Views: 0.3ms | ActiveRecord: 0.7ms)
和JSON回复curl是:
{"status":"error","errors":["Please submit proper account update data in request"]}
供参考,这是我的Gemfile
source 'https://rubygems.org'
gem 'rails', '4.2.1'
gem 'rails-api'
gem 'pg'
gem 'activerecord-postgis-adapter'
gem 'rgeo'
gem 'devise'
gem 'devise_token_auth', ">= 0.1.32.beta9" # Token based authentication for Rails JSON APIs
gem 'omniauth' # required for devise_token_auth
group :development, :test do
gem 'pry-byebug', '=1.3.3'
gem 'pry-stack_explorer'
gem 'pry-rails'
gem 'pry-remote'
# Access an IRB console on exception pages or by using <%= console %> in views
gem 'web-console', '~> 2.0'
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
gem 'spring'
gem "rspec-rails", "~> 3.3"
end
group :test do
#gem "shoulda-matchers"
gem "factory_girl_rails"
gem 'ffaker'
end