通过ajax(rails,jquery)获取会话真实性令牌
我希望在不重新加载页面并让用户提交给定表单的情况下对用户进行身份验证。
然而,我在这里立即遇到的问题是,真实性令牌通常在页面重新加载时设置。
我需要用于表单提交的真实性令牌,但我还没有它,因为页面尚未重新加载。
我认为这种情况不会那么罕见 - 有人知道如何解决这个问题吗?
1 个想法可能是让 Rails 在身份验证后传回真实性令牌,但我不知道如何从控制器访问它
1)未登录的用户看到表单
2)未登录的用户输入消息并提交
3)facebox 要求身份验证
4)身份验证后,自动提交表单,无需刷新
5) //但是表单提交需要真实性令牌,目前还没有
I wish to authenticate a user without having the page reloaded, and having the user submit a given form.
However, the problem that I immediately run into here is that the authenticity token typically gets set when the page is reloaded.
I need the authenticity token for the form submission, but i do not have it yet because the page is yet to reload.
I figure this cannot be that rare - anyone has any idea on how to resolve this?
1 idea could be getting rails to pass back the authenticity token after authentication, but i do not know how to access it from the controller
1) not logined user sees form
2) not logined user types in message and submit
3) facebox asking for authentication
4) after authentication, submit form automatically without refreshing
5) //but authenticity token is needed for form submission, which is not there yet
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
决定回答我自己的问题是潜在的解决方案,请随时加入:
在我的身份验证控制器操作中,我查看了会话数据中的身份验证令牌,并解析了它。代码如下:
你觉得怎么样?
decided to answer my own question w a potential solution, please feel free to jump in:
in my authentication controller action, i looked at the auth token in the session data, parsed it. The code is as follows:
what do you think?