记住我不能正常工作。
我希望它如何工作->在登录时,如果用户选中“记住我”复选框,则应用程序应该记住它,否则不需要记住用户。
但目前,即使用户未选中“记住我”复选框,它也会记住它。
应用程序控制器:
class ApplicationController < actionController::Base
protect_from_forgery with: :exception
helper_method :current_user,:logged_in?,:logged_in_user,:current_user?,:forget
before_action :set_cache_buster
def log_in(user)
session[:user_id] = user.id
end
def current_user
if (user_id = session[:user_id])
@current_user ||= User.find_by(id: user_id)
elsif (user_id = cookies.signed[:user_id])
user = User.find_by(id: user_id)
end
end
def logged_in?
!current_user.nil?
end
def logged_in_user
unless logged_in?
flash[:danger] = 'Please log in.'
redirect_to new_sessions_path
end
end
def current_user?(user)
user == current_user
end
private
def set_cache_buster
response.headers['Cache-Control'] = 'no-cache,no-store,max-age=0,must-revalidate'
response.headers['Pragma'] = 'no-cache'
response.headers['Expires'] = 'Fri,01 Jan 1990 00:00:00 GMT'
end
end
会话控制器
class SessionsController < ApplicationController
def new
end
def create
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
if params[:remember_me] == 1
log_in user
token = SecureRandom.urlsafe_base64
user.auth_token = token
cookies.permanent.signed[:auth_token] = token
redirect_to user
else
log_in user
user.auth_token = nil
cookies[:auth_token] = nil
redirect_to user
end
else
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
def destroy
@current_user = nil
cookies[:auth_token] = nil
reset_session
redirect_to root_path
end
end
我尝试过的:
def create
user = User.find_by_email(params[:email])
if user && user.authenticate(params[:password])
if params[:remember_me] == 1
log_in user
token = SecureRandom.urlsafe_base64
user.auth_token = token
cookies.permanent.signed[:auth_token] = token
redirect_to user
else
# log_in user
user.auth_token = nil
cookies[:auth_token] = nil
redirect_to user
end
else
flash.now[:danger] = 'Invalid email/password combination'
render 'new'
end
end
我评论了上面代码中的登录用户行。什么不让 没有选中用户登录复选框。有效。但是然后...如果代码的一部分...,我注释了log_in行...
if params[:remember_me] == 1
# log_in user
token = SecureRandom.urlsafe_base64
user.auth_token = token
cookies.permanent.signed[:auth_token] = token
redirect_to user
else
如果选中该复选框,则该用户不应允许用户登录,但确实允许用户登录。
出于某种原因,我认为会话控制器中的“ if”永远无法工作。
session#new-登录页面-
<div class="row">
<div class="col-md-offset-3 col-md-7" style="text-align: center;">
<h2><b>Log In</b></h2>
</div>
</div>
<div class="row">
<div class="col-md-offset-3 col-md-7">
<%= form_with url: sessions_path do |form| %>
<div class="form-group">
<%= form.label :email %>
<%= form.text_field :email,class: "form-control" %>
</div>
<div class="form-group">
<%= form.label :password %>
<%= form.text_field :password,class: "form-control" %>
</div>
<div class="field">
<%= form.label :"remember_me" %>
<%= form.check_box :remember_me %>
</div>
<%= form.submit "Login",class: "btn btn-primary btn-block" %>
<% end %>
</div>
</div>