使用设备检查提交的令牌与数据库中的真实性令牌
我正在使用 Chrome 扩展将数据发送到我的 Rails 应用程序(staged_images 控制器)。所以我有一个发送数据的表单以及一个身份验证令牌。每个用户都有一个由 Devise 生成的令牌,并保存到 Users 表中。我现在需要做的是在控制器中接收该数据,并根据用户表中存储的令牌检查提交的令牌。
因此,我的控制器中的创建操作应该如下所示:
def create
@user = User.find(params[:staged_image][:user_id])
if @user.authentication_token == submitted_token # this is pseudo code, don't know exactly what to say here
# execute code
else
# raise error
end
end
我只是在如何检查一个令牌与另一个令牌的细节方面遇到了麻烦。我是新手。帮我!
谢谢
I'm using a Chrome extension to send data to my Rails app (the staged_images controller). So I have a form that sends the data, along with an authentication token. Each user has a token which is generated by Devise, and is saved into the Users table. What I need to do now is receive that data in the controller and check the submitted token against the one stored in the Users table.
So the create action in my controller should look something like this:
def create
@user = User.find(params[:staged_image][:user_id])
if @user.authentication_token == submitted_token # this is pseudo code, don't know exactly what to say here
# execute code
else
# raise error
end
end
I'm just having trouble with the specifics of how to check the one token against the other. I'm a newbie. Help me!
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您应该传递到令牌控制器,并在顶部有一个过滤器,并在调用中传递
auth_token(http://yoursite/staged_images?auth_token=YOUR_STORED_TOKEN')。如果令牌无效,Devise 将引发异常。
您可以使用帮助器
current_user访问用户信息You should pass to the token controller and have a filter on the top and pass a
auth_tokenin your call (http://yoursite/staged_images?auth_token=YOUR_STORED_TOKEN').Devise will raise an exception if the token is invalid.
You can access the user information with the helper
current_user