2013-04-29 51 views
0

我想學習如何使用Rails寫一個登錄系統,但我覺得我在這,現在盜號了,我遵循這個指南:登錄沒有失敗的路由匹配錯誤

http://rubysource.com/rails-userpassword-authentication-from-scratch-part-ii/

但我不知道這是否是爲Rails 4和Ruby開發2.

我不斷收到此錯誤:

Rails Framework Error

我有一種感覺,這是與會議的控制器,但我不完全確定,所以我會包括我的所有文件。

User.rb

class User < ActiveRecord::Base 
    attr_accessor :username, :email, :password, :password_confirmation 
    EMAIL_REGEX = /\A[A-Za-z0-9._%+-][email protected][A-Za-z0-9.-]+\.[A-Za-z]+\z/ 
    validates :username, :presence => true, :uniqueness => true, :length => { :in => 3..20 } 
    validates :email, :presence => true, :uniqueness => true, :format => EMAIL_REGEX 
    validates :password, :confirmation => true #password_confirmation attr 
    validates_length_of :password, :in => 6..20, :on => :create 

    before_save :encrypt_password 
    after_save :clear_password 

    def encrypt_password 
     if password.present? 
      self.salt = BCrypt::Engine.generate_salt 
      self.encrypted_password= BCrypt::Engine.hash_secret(password, salt) 
     end 
    end 

    def clear_password 
     self.password = nil 
    end 
    def self.authenticate(username_or_email="", login_password="") 
     if EMAIL_REGEX.match(username_or_email) 
      user = User.find_by_email(username_or_email) 
     else 
      user = User.find_by_username(username_or_email) 
     end 

     if user && user.match_password(login_password) 
      return user 
     else 
      return false 
     end 
    end 

    def match_password(login_password="") 
     encrypted_password == BCrypt::Engine.hash_secret(login_password, salt) 
    end 
end 

users_controller.rb

class UsersController < ApplicationController 
    before_filter :save_login_state, :only => [:new, :create] 
    def new 
     @user = User.new 
    end 
    def create 
     @user = User.new(user_params) 
     if @user.save 
      flash[:notice] = "You Signed up successfully" 
      flash[:color]= "valid" 
     else 
      flash[:notice] = "Form is invalid" 
      flash[:color]= "invalid" 
     end 
     render "new" 
    end 
    def user_params 
     params.require(:user).permit(:username, :email, :password, :password_confirmation) 
    end 
end 

sessions_controller.rb

class SessionsController < ApplicationController 

    before_filter :authenticate_user, :only => [:home, :profile, :setting] 
    before_filter :save_login_state, :only => [:login, :login_attempt] 

    def login 

    end 

    def login_attempt 
     authorized_user = User.authenticate(params[:username_or_email],params[:login_password]) 
     if authorized_user 
      session[:user_id] = authorized_user.id 
      flash[:notice] = "Wow Welcome again, you logged in as #{authorized_user.username}" 
      redirect_to(:action => 'home') 
     else 
      flash[:notice] = "Invalid Username or Password" 
      flash[:color]= "invalid" 
      render "login" 
     end 
    end 
    def logout 
     session[:user_id] = nil 
     redirect_to :action => 'login' 
    end 

application_controller.rb

class ApplicationController < ActionController::Base 
    # Prevent CSRF attacks by raising an exception. 
    # For APIs, you may want to use :null_session instead. 
    protect_from_forgery with: :exception 
    protected 
    def authenticate_user 
     unless session[:user_id] 
      redirect_to(:controller => 'sessions', :action => 'login') 
      return false 
     else 
      # set current user object to @current_user object variable 
      @current_user = User.find session[:user_id] 
      return true 
     end 
    end 

    def save_login_state 
     if session[:user_id] 
      redirect_to(:controller => 'sessions', :action => 'home') 
      return false 
     else 
      return true 
     end 
    end 
end 

login.html.erb

<% @page_title = "UserAuth | Login" -%> 
<div class= "Sign_Form"> 
    <h1>Log in</h1> 
    <%= form_tag :sessions => :login_attempt do %> 
     <p>Username or Email:</br> <%= text_field_tag(:username_or_email) %></p> 
     <p>Password:</br> <%= password_field_tag :login_password %></p> 
     <%= submit_tag("Log In") %> 
    <% end %> 
</div> 

的routes.rb

BillingSystem::Application.routes.draw do 
    root :to => "sessions#login" 
    match "signup", :to => "users#new", via: [:get, :post] 
    match "login", :to => "sessions#login", via: [:get, :post] 
    match "logout", :to => "sessions#logout", via: [:get, :post] 
    match "home", :to => "sessions#home", via: [:get, :post] 
    match "profile", :to => "sessions#profile", via: [:get, :post] 
    match "setting", :to => "sessions#setting", via: [:get, :post] 
end 

回答

0

您使用的軌道4和紅寶石2,對不對?

  1. match不再捕獲所有路線,儘量get

  2. 看設計寶石

+0

我想學習如何從頭開始做一個登錄,因爲我認爲這將會 因爲它是你係統的基本元素,所以值得了解它的內部工作,而不是使用每個人使用和知道的東西,只是因爲它更容易。 – 2013-04-29 18:15:20

0

的問題是,你說你要留言表單的URL(root_url或/)不處理帖子請求(通常不應該)。由於您沒有指定url,因此表單將發佈到根目錄,因此它默認爲當前發佈的表單(根目錄)。從你的路線應該是與此類似:

<% @page_title = "UserAuth | Login" -%> 
<div class= "Sign_Form"> 
    <h1>Log in</h1> 
    <%= form_tag "/login", :sessions => :login_attempt do %> 
     <p>Username or Email:</br> <%= text_field_tag(:username_or_email) %></p> 
     <p>Password:</br> <%= password_field_tag :login_password %></p> 
     <%= submit_tag("Log In") %> 
    <% end %> 
</div> 

請參見更多相關的API文檔到這一點:http://apidock.com/rails/ActionView/Helpers/FormTagHelper/form_tag

另要注意,我不建議尋找到設計,直到你多一點熟悉鐵軌,他們實際上是在反對它自己。 https://github.com/plataformatec/devise#starting-with-rails

+0

仍然有這樣的錯誤:/ – 2013-04-29 18:14:19

0

這工作對我來說我嘗試過相同的教程。 根:到=> 「會話#登錄」
得到 「註冊」,:要=> 「用戶#新」
GET 「登錄」:以=> 「會話#登錄」
郵報 「login_attempt」 :以=> 「會話#login_attempt」
GET 「註銷」,:要=> 「會話#登出」
GET 「家」,:要=> 「會話#家」
獲得 「輪廓」,:對=>「會話#配置文件」
GET「設置」,:要=>「會話#設置」
資源:用戶

相關問題