RESTful 身份验证:尝试对基于 cookie 的身份验证进行简单重定向时遇到困难
我有一个使用 RESTful 身份验证插件的 RoR 应用程序。 一切都很好。 我最近启用了基于 cookie 的身份验证,效果也很好。 问题是我想在使用 cookie 对用户进行身份验证时更改默认登录页面。 我想让一个经过 cookie 身份验证的用户重定向到他们从登录表单成功登录后重定向到的同一页面。 它们始终定向到原始请求 URL。 我正在绞尽脑汁地思考这个问题,因为我以为我理解它是如何工作的,而我所做的每一个改变似乎都没有影响。
我怀疑这很简单,但我显然错过了它。 如果您提供任何反馈、指导或建议,我将不胜感激。
I have a RoR application that's using the RESTful Authentication plug-in. Everything works great. I recently enabled cookie based authentication and that works fine too. The problem is that I want to change the default landing page when the user is authenticated using a cookie. I want to have a cookie authenticated user redirected to the same page they are redirected to upon successful login from the login form. They are always directed to the original request URL. I'm racking my brain on this as I thought I understood how it works and every change I make seems to have no impact.
I suspect this is something simple but I'm obviously missing it. I'd appreciate any feedback, guidance or suggestions you might offer.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
我解决了这个问题,但在我看来有点难看。 这就是我所做的。
在 cookie 身份验证方法中,我设置了一个会话变量,指示使用了 cookie 登录方法。
然后在 :
before_filter set_current_user
中,我只检查该变量并重定向(如果已设置),确保将变量设置为 nil。它不漂亮,但确实有效。 我绝对愿意接受任何有关如何清理此问题的建议。
I solved the problem but it's a bit ugly in my opinion. Here's what I did.
In the cookie authentication method I set a session variable indicating the cookie login method was used.
Then in the :
before_filter set_current_user
I just check for that variable and redirect if it is set making sure to set the variable to nil.It's not pretty but it does work. I'm definitely open to any suggestions about how to clean this up.
成功登录后,您可以将此行添加到会话控制器:
You could add this line to the session controller after a successful login:
我正在使用 Bort,所以也许这不是 Restful_Authentication 本身的一部分,但会话控制器中有一个使用此 Restful_auth 方法的 successful_login 方法:该方法
在
authenticated_system.rb
I'm using Bort so maybe this isn't part of
Restful_Authentication
itself but there is asuccessful_login
method in the sessions controller that uses this restful_auth method:which is in defined in
authenticated_system.rb
难道你不能只设置你的路由,
然后有一个 before_filter 来检查以确保设置了一些“登录”参数吗? 只需在用户登录时通过 cookie 或通过正常方式设置此参数即可。 然后,无论是cookie认证还是普通认证,都会进入默认页面。 也许我误解了这个问题。
Can't you just have your routes setup so that
And then have a before_filter that checks to make sure that some "logged in" parameter is set? This param would just need to be set whenever the user logs in, either via cookie or via normal means. Then, whether the cookie authentication happens or normal auth happens, it will go to the default page. Maybe I'm misunderstanding the problem.
Restful Authentication 存储发出请求时尝试访问的原始 URL。 您所要做的就是阻止它存储该值或在执行 cookie 身份验证时清除该值,然后用户将被重定向回您的默认页面。
我可能会在authentiated_system.rb 中这样做,
session[:return_to] = nil
然后只需确保您已在会话控制器中设置了默认路径,并且应该已全部设置完毕。 会话控制器中的代码应该是这样的:
Restful Authentication stores the original URL that was trying to be accessed when the request is made. All of you have to do is prevent it from storing that value OR clear that value when a cookie authentication is performed and then the user will get redirected back to your default page.
I would probably do it like this in authenticated_system.rb
The is session[:return_to] = nil
Then just make sure you have set your default path in your sessions controller and you should be all set. The code in your sessions controller should be something like this: