如果我点击我的 3 个模型模型的任何记录上的销毁,用户将被注销。我正在使用 Devise 和 Ominauth。
#This logs out a user
def destroy
@rating = Rating.find(params[:id])
@rating.destroy
end
Started POST "/ratings/29" for 192.168.1.103 at 2011-02-26 20:11:45 +0000
Processing by RatingsController#destroy as HTML
Parameters: {"id"=>"29"}
User Load (0.5ms) SELECT `users`.* FROM `users` WHERE `users`.`id` = 2 LIMIT 1
Rating Load (0.3ms) SELECT `ratings`.* FROM `ratings` WHERE `ratings`.`id` = 29 LIMIT 1
SQL (0.0ms) BEGIN
AREL (0.5ms) DELETE FROM `ratings` WHERE `ratings`.`id` = 29
SQL (2.7ms) COMMIT
Request
Parameters:
None
Show session dump
session_id: "16a92c418fdfa8966b60b09e76346443"
Show env dump
GATEWAY_INTERFACE: "CGI/1.1"
HTTP_ACCEPT: "application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"
HTTP_ACCEPT_CHARSET: "ISO-8859-1,utf-8;q=0.7,*;q=0.3"
HTTP_ACCEPT_ENCODING: "gzip,deflate,sdch"
HTTP_ACCEPT_LANGUAGE: "en-US,en;q=0.8"
HTTP_CACHE_CONTROL: "max-age=0"
HTTP_CONNECTION: "keep-alive"
HTTP_COOKIE: "_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14"
HTTP_HOST: "192.168.1.105:3000"
HTTP_IF_NONE_MATCH: "\"2d7f4ba60c47e0cf39f1361e2274fa89\""
HTTP_REFERER: "http://192.168.1.105:3000/subjects"
HTTP_USER_AGENT: "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.82 Safari/534.16"
HTTP_VERSION: "HTTP/1.1"
PATH_INFO: "/subjects"
QUERY_STRING: ""
REMOTE_ADDR: "192.168.1.103"
REMOTE_HOST: "192.168.1.103"
REQUEST_METHOD: "GET"
REQUEST_PATH: "/"
REQUEST_URI: "http://192.168.1.105:3000/subjects"
SCRIPT_NAME: ""
SERVER_NAME: "192.168.1.105"
SERVER_PORT: "3000"
SERVER_PROTOCOL: "HTTP/1.1"
SERVER_SOFTWARE: "WEBrick/1.3.1 (Ruby/1.9.2/2010-12-25)"
action_controller.instance: #<SubjectsController:0x90ecc1c @action_has_layout=true, @view_context_class=nil, @_headers={"Content-Type"=>"text/html"}, @_status=200, @_response=#<ActionDispatch::Response:0x90ecb68 ......Too long - had to cut it off
action_dispatch.cookies: {"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}
action_dispatch.parameter_filter: [:password, :password, :password_confirmation]
action_dispatch.remote_ip: 192.168.1.103
action_dispatch.request.content_type: nil
action_dispatch.request.formats: [text/html]
action_dispatch.request.parameters: {"action"=>"index", "controller"=>"subjects"}
action_dispatch.request.path_parameters: {:action=>"index", :controller=>"subjects"}
action_dispatch.request.query_parameters: {}
action_dispatch.request.request_parameters: {}
action_dispatch.request.unsigned_session_cookie: {"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
action_dispatch.secret_token: "b3dc65e5cc9d1af31fb06160a604132f5a1f4d13edc313d74cb1bfd7e63994d429f6e8032669ea26ff4a8dab66b79f6070f8449b4a422a7862bb4307a4d84416"
rack.errors: #<IO:<STDERR>>
rack.input: #<StringIO:0x913578c>
rack.multiprocess: false
rack.multithread: false
rack.request.cookie_hash: {"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}
rack.request.cookie_string: "_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14"
rack.request.query_hash: {}
rack.request.query_string: ""
rack.run_once: false
rack.session: {"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
rack.session.options: {:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>"199411b3c1c3ce55b0d3cb86cab0cb76"}
rack.url_scheme: "http"
rack.version: [1, 1]
warden: #<Warden::Proxy:0x9133bf8 @winning_strategies={}, @users={:user=>nil}, @env={"GATEWAY_INTERFACE"=>"CGI/1.1", "PATH_INFO"=>"/subjects", "QUERY_STRING"=>"", "REMOTE_ADDR"=>"192.168.1.103", "REMOTE_HOST"=>"192.168.1.103", "REQUEST_METHOD"=>"GET", "REQUEST_URI"=>"http://192.168.1.105:3000/subjects", "SCRIPT_NAME"=>"", "SERVER_NAME"=>"192.168.1.105", "SERVER_PORT"=>"3000", "SERVER_PROTOCOL"=>"HTTP/1.1", "SERVER_SOFTWARE"=>"WEBrick/1.3.1 (Ruby/1.9.2/2010-12-25)", "HTTP_HOST"=>"192.168.1.105:3000", "HTTP_CONNECTION"=>"keep-alive", "HTTP_REFERER"=>"http://192.168.1.105:3000/subjects", "HTTP_CACHE_CONTROL"=>"max-age=0", "HTTP_USER_AGENT"=>"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.82 Safari/534.16", "HTTP_ACCEPT"=>"application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5", "HTTP_ACCEPT_ENCODING"=>"gzip,deflate,sdch", "HTTP_ACCEPT_LANGUAGE"=>"en-US,en;q=0.8", "HTTP_ACCEPT_CHARSET"=>"ISO-8859-1,utf-8;q=0.7,*;q=0.3", "HTTP_COOKIE"=>"_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14", "HTTP_IF_NONE_MATCH"=>"\"2d7f4ba60c47e0cf39f1361e2274fa89\"", "rack.version"=>[1, 1], "rack.input"=>#<StringIO:0x913578c>, "rack.errors"=>#<IO:<STDERR>>, "rack.multithread"=>false, "rack.multiprocess"=>false, "rack.run_once"=>false, "rack.url_scheme"=>"http", "HTTP_VERSION"=>"HTTP/1.1", "REQUEST_PATH"=>"/", "action_dispatch.parameter_filter"=>[:password, :password, :password_confirmation], "action_dispatch.secret_token"=>"b3dc65e5cc9d1af31fb06160a604132f5a1f4d13edc313d74cb1bfd7e63994d429f6e8032669ea26ff4a8dab66b79f6070f8449b4a422a7862bb4307a4d84416", "action_dispatch.remote_ip"=>192.168.1.103, "rack.session"=>{"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "rack.session.options"=>{:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :id=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "rack.request.cookie_string"=>"_traitly_session=BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY%3D--4c140502f8a075f61742fdf11e6fc7100722ca14", "rack.request.cookie_hash"=>{"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}, "action_dispatch.cookies"=>{"_traitly_session"=>"BAh7BkkiD3Nlc3Npb25faWQGOgZFRiIlMTk5NDExYjNjMWMzY2U1NWIwZDNjYjg2Y2FiMGNiNzY=--4c140502f8a075f61742fdf11e6fc7100722ca14"}, "action_dispatch.request.unsigned_session_cookie"=>{"session_id"=>"199411b3c1c3ce55b0d3cb86cab0cb76"}, "warden"=>#<Warden::Proxy:0x9133bf8 ...>, "action_dispatch.request.path_parameters"=>{:action=>"index", :controller=>"subjects"}, "action_controller.instance"=>#<SubjectsController:0x90ecc1c @action_has_layout=true, @view_context_class=nil, @_headers={"Content-Type"=>"text/html"}, @_status=200, @_response=#<ActionDispatch::Response:0x90ecb68 @writer=#<Proc:0x90ecaf0@/usr/local/rvm/gems/ruby-1.9.2-p136@traitly/gems/actionpack-3.0.4/lib/action_dispatch/http/response.rb:43 (lambda)>, @block=nil, @length=0, @header={}, @status=200, @body=[], @cookie=[], @sending_file=false, @blank=false, @cache_control={}, @etag=nil, @request=#<ActionDispatch::Request:0x90ecb7c @env={...}, @fullpath="/subjects", @request_method="GET", @filtered_parameters={"action"=>"index", "controller"=>"subjects"}, @method="GET">>, @_request=#<ActionDispatch::Request:0x90ecb7c @env={...}, @fullpath="/subjects", @request_method="GET", @filtered_parameters={"action"=>"index", "controller"=>"subjects"}, @method="GET">, @_env={...}, @lookup_context=#<ActionView::LookupContext:0x90ec4c4 @details_key=nil, @details={:handlers=>[:erb, :rjs, :builder, :rhtml, :rxml], :formats=>[:html], :locale=>[:en, :en]}, @skip_default_locale=false, @frozen_formats=false, @view_paths=[/root/projects/traitly/app/views, /usr/local/rvm/gems/ruby-1.9.2-p136@traitly/gems/devise-1.1.7/app/views]>, @_action_name="index", @_response_body=nil, @_config={}, @current_user=nil>, "action_dispatch.request.content_type"=>nil, "action_dispatch.request.request_parameters"=>{}, "rack.request.query_string"=>"", "rack.request.query_hash"=>{}, "action_dispatch.request.query_parameters"=>{}, "action_dispatch.request.parameters"=>{"action"=>"index", "controller"=>"subjects"}, "action_dispatch.request.formats"=>[t
最佳答案
您正在使用 Rails 3,它使用 JavaScript 发出删除请求。由于请求未正确设置,您的日志显示 Started POST而不是正确的 Started DELETE .
该请求也不会包含所需的 CSRF 数据,并且从 Rails 3.0.4 开始, session 被静默重置而不是抛出 ActionController::InvalidAuthenticityToken错误。这就是为什么您怀疑身份验证问题出在 Devise 上,但它实际上是在 Rails 内部触发的。
要解决此问题,请在布局中包含以下内容:
<%= javascript_include_tag :defaults %>
<%= csrf_meta_tag %>
还要确保您有更新的 rails.js(其中包含用于删除请求的 JavaScript 代码)。 Rails 3.0.4 upgrade notes更详细地解释这个问题。
如果您使用 jquery rails.js 替代品,您可以获得更新版本 from here .
关于ruby-on-rails-3 - 每当单击模型销毁链接时,Rails session 就会被销毁,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/5129524/