0
我试图跳过为我的订阅控制器设计身份验证,但无济于事。我的注册控制器和会话控制器skip_before_filter都可以工作,但不是我刚刚添加的订阅控制器。我究竟做错了什么?Rails - 跳过设计身份验证不起作用
class V1::SubscriptionsController < ApplicationController
skip_before_filter :authenticate_user!
skip_before_filter :verify_authenticity_token, if: :json_request?
def create
@subscription = Subscription.new(subscription_params)
if @subscription.save
render json: @subscription, status: :created
else
render json: @subscription.errors, status: :unprocessable_entity
end
end
private
def subscription_params
params.require(:subscription).permit(:subscription_email)
end
end
我的应用程序控制器
class ApplicationController < ActionController::API
include CanCan::ControllerAdditions
include ActionController::RespondWith
include ActionController::Serialization
acts_as_token_authentication_handler_for User
rescue_from CanCan::AccessDenied do |exception|
respond_to do |format|
format.json { render nothing: true, status: :forbidden }
end
end
end
我的路线
Rails.application.routes.draw do
devise_for :users, skip: [:sessions, :registrations, :passwords]
api_version(module: "V1", header: { name: "Accept", value: "application/vnd.rolotext.json; version=1" }) do
devise_scope :user do
post 'registrations' => 'registrations#create'
post 'sessions' => 'sessions#create'
delete 'sessions' => 'sessions#destroy'
post 'passwords' => 'passwords#create'
patch 'passwords' => 'passwords#update'
post 'passwords/check_email' => 'passwords#check_email'
end
get '/me' => "users#me"
patch '/me' => 'users#update'
delete '/me' => 'users#destroy'
resources :cards, except: [ :new, :edit]
patch '/logos' => 'logos#update'
resources :logos, except: [ :new, :edit, :destroy ]
resources :uploads
post '/subscriptions' => "subscriptions#create"
end
end
任何帮助将是MUCHO赞赏
我试过了,不幸的是它不起作用。正如我前面提到的,其他控制器在跳过身份验证时没有问题,并且它们不会在authenticate_user中列为异常!过滤前。 – duwerq
最后一个想到我想要尝试将该异常添加到应用程序控制器中。 – liborza