網絡掛接在Rails中返回401

Question

我創建使用Fluidsurveys一個網絡掛接對應於該控制器：

class HooksController < ApplicationController 
    skip_before_filter :verify_authenticity_token 

    def response_created_callback 
    # If the body contains the score parameter... 
    if params[:_completed].present? 
     # Create a new Response object based on the received parameters... 
     response = FluidsurveysResponse.new(:completed => params[:_completed]) 
     response.invite_email = params[:_invite_email] 
     response.locale = params[:_locale] 
     response.key = params[:_key] 
     response.webhook = params[:webhook] 
     response.survey_name = params[:survey_name] 
     response.username = params[:_username] 
     response.weighted_score = params[:_weighted_score] 
     response.completion_time = params[:_completion_time] 
     response.ip_address = params[:_ip_address] 
     response.num_responses = params[:num_responses] 
     response.survey_id = params[:survey_id] 
     response.invite_name = params[:_invite_name] 
     response.language = params[:_language] 
     response.referrer = params[:_referrer] 
     response.fs_created_at = params[:_created_at] 
     response.fs_updated_at = params[:_updated_at] 
     response.survey_url = params[:survey_url] 
     response.fs_id = params[:_id] 
     response.collector_id = params[:_collector_id] 
     response.comment = params[:Comment] 
     response.nps_score = params[:NPSScore] 
     response.save! 
    end 

    # The webhook doesn't require a response but let's make sure 
    # we don't send anything 
    render :nothing => true 
    end 

end 

網絡掛接似乎很好地工作，因爲我看到這在我的日誌：

2014-01-20T13:49:01.231772+00:00 app[web.1]: Started POST "/hooks/response_created_callback" for 184.107.171.218 at 2014-01-20 13:49:01 +0000 
2014-01-20T13:49:01.327989+00:00 app[web.1]: Processing by HooksController#response_created_callback as */* 
2014-01-20T13:49:01.328149+00:00 app[web.1]: Parameters: {"_invite_email"=>"N/A", "_locale"=>"298", "_updated_at"=>"2014-01-20 13:49:00.738850", "_language"=>"en", "_key"=>"b5ec09680a4274cec0052d4049bec338a906e5b8", "webhook"=>"event", "survey_name"=>"Test", "_referrer"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_username"=>"marketing", "survey_url"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_id"=>"39164209", "_created_at"=>"2014-01-20 13:49:00.243640", "_weighted_score"=>"0.0", "_completion_time"=>"00:00:00", "_completed"=>"1", "_ip_address"=>"66.192.31.1", "yptmAoJw6i"=>"Detractor: 0", "num_responses"=>"261", "survey_id"=>"263692", "_extra_info"=>"weighted_score", "_invite_name"=>"N/A"} 
2014-01-20T13:49:01.369963+00:00 app[web.1]: Completed 401 Unauthorized in 41ms 

正如你所看到的那樣，這個帖子是根據正確的控制器動作製作的。路由設置正確，但出現401錯誤。我不明白在這裏需要發生什麼驗證...... params傳遞給控制器​​，並且在我看來，我認爲我的應用程序不需要驗證任何內容。它接收到一個請求，按照它的要求做，然後完成。

我在這裏丟失了什麼導致401錯誤？

編輯：

從我的控制器中刪除skip_before_filter :verify_authenticity_token後，我得到這個錯誤：

Can't verify CSRF token authenticity 
2014-01-20T16:07:12.222512+00:00 app[web.1]: Completed 422 Unprocessable Entity in 28ms 
2014-01-20T16:07:12.225905+00:00 app[web.1]: 
2014-01-20T16:07:12.225905+00:00 app[web.1]: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): 

Answer 1

的問題是，我使用devise進行用戶身份驗證，並且我的應用程序被阻止發佈請求，因爲沒有身份驗證憑據傳遞給我的控制器。

中添加這一行到我的控制器我解決了這個問題：

skip_before_filter :verify_authenticity_token, :authenticate_user!