我正在运行一个rails应用程序,并通过postman测试端点,当我登录并尝试访问端点时,它们会一如既往地正常工作,但当我在登录并尝试再次访问端点时,我遇到以下重定向错误:
Postman 错误
在终端中,我得到401未经授权,就好像它已注销一样,但它一直在尝试端点,而不是返回401并停止:
Started GET "/api/employees/getAgenda?month=7&year=2021" for 127.0.0.1 at 2021-07-15 17:39:32 -0300
Processing by Api::EmployeesController#getAgenda as */*
Parameters: {"month"=>"7", "year"=>"2021"}
MONGODB | cluster0-shard-00-02.dga1f.mongodb.net:27017 req:7962 conn:1:4 sconn:572618 | otto.find | STARTED | {"find"=>"users", "filter"=>{"_id"=>BSON::ObjectId('60ccd2aa1d1eab000460ceee')}, "sort"=>{"_id"=>1}, "limit"=>1, "$db"=>"o
tto", "$clusterTime"=>{"clusterTime"=>#<BSON::Timestamp:0x00007fb21c0919d0 @seconds=1626381582, @increment=5>, "signature"=>{"has...
MONGODB | cluster0-shard-00-02.dga1f.mongodb.net:27017 req:7962 | otto.find | SUCCEEDED | 0.147s
Completed 401 Unauthorized in 152ms (MongoDB: 0.1ms | Allocations: 2240)该应用程序使用rails 6.1.3.2、Desive 4.8.0和redis 4.3.1。
在任何方法之前检查登录的api控制器如下:
class ApiController < ActionController::Base
before_action :check_user,
except: %i[signin signinEmployee signup signupEmployee forgotPass getFaq getMessages updatePassword contactus
getBanners getPartners getCategories getServices getAllServices getServiceDetails getRecommended checkCode getInstructions checkCpf emailCode checkEmail getPipefyUrl log]
skip_before_action :verify_authenticity_token
def check_user
if current_user.nil?
render json: { err: 'Faça seu login antes de continuar' }, status: 401
nil
end
end
end这是我的设计配置:
Devise.setup do |config|
config.mailer_sender = 'Equipe Otto <contato@chameotto.com.br>'
require 'devise/orm/mongoid'
config.case_insensitive_keys = [:email]
config.strip_whitespace_keys = [:email]
config.skip_session_storage = [:http_auth]
config.stretches = Rails.env.test? ? 1 : 11
config.reconfirmable = true
config.expire_all_remember_me_on_sign_out = true
config.password_length = 6..128
config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
config.timeout_in = 25.minutes
config.reset_password_within = 6.hours
config.sign_out_via = :delete
end我还配置了session_store.rb,其中包括:
Rails.application.config.session_store :cookie_store, expire_after: 10.years它背后的想法是避免移动应用程序会话过期,但我不知道这是否是解决问题的正确方法。
最后,这是我的应用程序。rb:
require_relative 'boot'
require 'rails'
require 'active_model/railtie'
require 'active_job/railtie'
require 'action_controller/railtie'
require 'action_mailer/railtie'
require 'action_view/railtie'
require 'action_cable/engine'
require 'sprockets/railtie'
DEVISE_ORM = :mongoid
Bundler.require(*Rails.groups)
Dotenv::Railtie.load if Rails.env.development?
module Otto
class Application < Rails::Application
config.load_defaults 6.1
config.to_prepare do
Devise::SessionsController.layout 'login'
Devise::RegistrationsController.layout proc { |_controller| usuario_signed_in? ? 'application' : 'login' }
Devise::ConfirmationsController.layout 'login'
Devise::UnlocksController.layout 'login'
Devise::PasswordsController.layout 'login'
end
config.paths.add Rails.root.join('lib').to_s, eager_load: true
config.i18n.default_locale = 'pt-BR'
config.assets.initialize_on_precompile = false
config.encoding = 'utf-8'
config.time_zone = 'Brasilia'
config.middleware.use Rack::Attack
config.active_job.queue_adapter = :sidekiq
require "i18n/backend/fallbacks"
I18n::Backend::Simple.send(:include, I18n::Backend::Fallbacks)
config.i18n.fallbacks = {'pt-BR' => 'en'}
end
end我还有employeescontroller的这个框架,我只显示方法名称,以避免代码过多:
class Api::EmployeesController < ApiController
before_action :defineNextService,
except: %i[rate acceptOrder rejectOrder addFavorite removeFavorite addNoWork removeNoWork]
def addFavorite
##code##
end
def getAgenda
##code##
end
def removeFavorite
##code##
end
def addNoWork
##code##
end
def removeNoWork
##code##
end
def getHistory
##code##
end
def getMoney
##code##
end
def rate
##code##
end
def nextService
##code##
end
def acceptOrder
##code##
end
def rejectOrder
##code##
end
def defineNextService
##code##
end
暂无答案!
目前还没有任何答案,快来回答吧!