如何使用`authenticate_or_request_with_http_token`方法

Question

我加入一些认证为我的Rails API唯一的应用程序，像这样在我application_controller.rb：

def is_admin 
    authenticate_or_request_with_http_token do |token, options| 
    if User.find_by(:auth_token => token) 
     value = true 
    else 
     value = false 
    end 
    end 
end 

而且在我的控制器：

admin = is_admin 
if admin 
    @voices = Voice.all.map do |voice| 
    voice.format 
    end 
else 
    @voices = 'Something else' 
end 

当我登录时，一切正常预期，但是当我没有登录，我得到以下错误：Render and/or redirect were called multiple times in this action. Please note that you may only call render OR redirect, and at most once per action. Also note that neither redirect nor render terminate execution of the action, so if you want to exit an action after redirecting, you need to do something like "redirect_to(...) and return".

虽然没有登录，我期待着ge “其他”的回应，然后我会继续处理它。

任何想法为什么会发生这种情况？

Answer 1

authenticate_or_request_with_http_token意在用于在动作之前运行的before_action过滤器。或者有明确的回报。

如果你只是想检查一个用户是否存在，你会使用authenticate_with_http_token这不会发送回应。

# app/helpers/authorization_helper.rb 
module AuthorizationHelper 
    # returns true/false 
    # sets @current_user if the request is authenticated 
    def authenticate! 
    return true if @current_user # avoid re-querying the DB 
    authenticate_with_http_token do |token, options| 
     @current_user = User.find_by(:auth_token => token) 
    end 
    end 

    def is_admin? 
    authenticate! 
    end 
end 

# app/controllers/api_controller.rb 
# or whatever controller you use as a base 
class ApplicationController < ActionController::API 
    include AuthorizationHelper 
end 

# in your controller 
def index 
    if is_admin? 
    @voices = Voice.all.map do |voice| 
    voice.format 
    else 
    @voices = 'Something else' 
    end 
end