在未经身份验证的情况下直接访问 pdf 文件时设计身份验证
我在尝试查看未经身份验证的 .pdf 文件(使用 PDFKit 生成)时遇到问题,直接从给定的 url host/.../profile.pdf 访问。正如预期的那样,系统要求我输入如图所示的凭据(不在 users/sign_in 路径中):
我输入了正确的凭据,该框会上下移动并再次要求输入凭据。看起来用户或密码错误,但事实并非如此。控制器的相关代码在这里:
class Entrepreneur::ProfilesController < ApplicationController
before_filter :authenticate_user!
def show
respond_to do |format|
format.pdf do
html = render_to_string(:layout => false , :action => "show.html.haml")
kit = PDFKit.new(html)
send_data(kit.to_pdf, :filename => "name.pdf", :type => 'application/pdf')
end
end
end
end
正如你所看到的,没有什么奇特的。我尝试从过滤器中删除 show 操作(before_filter :authenticate_user!, : except => [:show])并为自己编写一个自定义过滤器以将未经身份验证的用户重定向到 new_session_path,但这样做我不知道如何在注册后将用户重定向到 pdf 显示。
简而言之,devise 在访问 pdf 显示时要求我提供凭据,但不接受它们。如何让用户进入登录页面并在签名后重定向回 pdf?
我正在使用 Rails 3.0.7、Ruby 1.8.7 和 Devise 1.1.5。
谢谢!
I have a problem when trying to see a .pdf file (generated with PDFKit) unauthenticated, just going directly from a given url host/.../profile.pdf. I, as expected, am asked to enter the credentials as shown in the image (Not in the users/sign_in path):
I enter the correct credentials, the box goes up and down and asks for the credentials again. It could seem like the user or password are wrong, but they aren't. The relevant code from the controller is here:
class Entrepreneur::ProfilesController < ApplicationController
before_filter :authenticate_user!
def show
respond_to do |format|
format.pdf do
html = render_to_string(:layout => false , :action => "show.html.haml")
kit = PDFKit.new(html)
send_data(kit.to_pdf, :filename => "name.pdf", :type => 'application/pdf')
end
end
end
end
Nothing fancy as you can see. I tried to remove the show action from the filter (before_filter :authenticate_user!, :except => [:show]) and write myself a custom filter to redirect unauthenticated users to new_session_path, but doing so I don't know how to, once signed up, redirect the user to the pdf show.
In short, devise asks for my credentials when accessing a pdf show and doesn't accept them. How can I get the user to the sign_in page and redirect back to the pdf once signed?
I'm using Rails 3.0.7, Ruby 1.8.7 and Devise 1.1.5.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
首先,确保它实际上是 Rails 提供 PDF,而不是它前面的 Web 服务器。 (根据您的配置,可能是请求从未到达 Rails。)
假设是 Rails 提供文件服务,那么您应该检查 devise.rb 配置文件。您可能需要将 :pdf 设置为导航格式,以便 Devise 向您的登录页面发出 302 重定向:
config.navigational_formats = [:html, :pdf] # you may have other fields另外,您可能需要将 PDF 添加到您的 mime_types.rb 初始值设定项(如果尚不存在):
Mime::Type.register 'application/pdf', :pdfFirst, make sure that it's actually Rails serving the PDF and not a web server in front of it. (Depending on your configuration, it could be the request is never getting to Rails in the first place.)
Assuming it is Rails serving the file, then you should check your devise.rb configuration file. You may need to make :pdf a navigational format which will allow Devise to issue a 302 redirect to your sign_in page:
config.navigational_formats = [:html, :pdf] # you may have additional formatsAlso, you may need to add PDF to your mime_types.rb initializer if it's not there already:
Mime::Type.register 'application/pdf', :pdf添加到已接受的答案并重复以确保完整性:
更新您的设备配置 (
config/initializers/devise.rb) 以将 pdf 包含为navigational_format。另请更新您的设备配置以使用自定义
failure_app。自定义失败应用程序 (
lib/custom_failure.rb)Adding to the accepted answer and repeating for completeness:
Update your devise config (
config/initializers/devise.rb) to include pdf as anavigational_format.Also update your devise config to use a custom
failure_app.Custom failure app (
lib/custom_failure.rb)