2
使用devise進行日誌記錄時得到警告:無法驗證CSRF令牌的真實性和401未授權的消息。即使有效的用戶,它也會重定向回登錄頁面。警告:無法使用devise驗證CSRF令牌的真實性
我已經嘗試了很多解決方案,但仍然無法弄清楚問題所在。 我檢查了我的參數,它發送了本應該引發的授權令牌警告:無法驗證CSRF令牌授權問題。
這是我的日誌文件提前
Started POST "/admin/sign_in" for 127.0.0.1 at 2013-06-20 13:12:27 +0545
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"YWAa7xOf+u0ButjnaE/kz5RmL3SZKFs
x51pFbMxDqiw=", "admin"=>{"email"=>"[email protected]", "password"=>"[FILTERED]"}}
WARNING: Can't verify CSRF token authenticity
Admin Load (0.7ms) SELECT `admins`.* FROM `admins` WHERE `admins`.`email` = '[email protected] ail.com' LIMIT 1
(0.3ms) BEGIN
(0.6ms) UPDATE `admins` SET `last_sign_in_at` = '2013-06-20 07:27:20', `current_sign_i n_at` = '2013-06-20 07:27:28', `sign_in_count` = 37, `updated_at` = '2013-06-20 07:27:28' WHERE `admins`.`id` = 4
(19.0ms) COMMIT
Redirected to home page
Completed 302 Found in 179ms (ActiveRecord: 0.0ms)
Started GET "/" for 127.0.0.1 at 2013-06-20 13:12:28 +0545
Processing by Admin::DashboardController#index as HTML
Completed 401 Unauthorized in 1ms
感謝
它是由色器件
<%= form_for(resource, :as => resource_name, :url => session_path(resource_name), :html => {:id => "login_ form"}) do |f| %>
<h2>Log in to your account:</h2>
<%= f.label :email, 'Email:' %>
<%= f.text_field :email, :class => "login" %><br /><br />
<%= f.label :password, 'Password:' %>
<%= f.password_field :password, :class => "login" %><br /><br />
<div class="pagination-right">
<%= f.submit "sign in"%>
<%= link_to "Forgot Password?", new_admin_password_path %>
</div>
<p class="hr">Don't have an account?</p>
<p>Please contact your Admin or contact Talintel Support</p>
<% end %>
產生在隱藏字段是生成真實性令牌形式
<div style="margin:0;padding:0;display:inline">
<input type="hidden" value="✓" name="utf8">
<input type="hidden" value="6yM4gkyWC94ej1X2Wzn/l17xTpIymsx9wCEuw5aOJbQ=" name="authenticity_token">
</div>
顯示你的表格。 –
@MichaelSzyndel我已添加表格 –
這方面的發展?我遇到同樣的問題... – cash22