如何使用rails修复shopify应用程序中的“actioncontroller::invalidauthenticitytoken”错误?

qni6mghb  于 2021-09-29  发布在  Java
关注(0)|答案(0)|浏览(240)

我正在开发模式下运行shopify应用程序,rails 5.2托管在远程ngrok服务器上。当我试图发布一条记录时,我从rails得到了“actioncontroller::InvalidAuthenticationToken”错误。当我禁用csrf令牌时,shopify应用程序将不工作并显示错误,因此我不想禁用csrf保护,但不知道如何绕过此错误而不这样做。任何帮助都将不胜感激。

Rails 5 ActionController::InvalidAuthenticityToken error and ActionController::InvalidAuthenticityToken

参考上述两个问题,我在我的应用程序_controller.rb中添加了以下代码

skip_before_action :verify_authenticity_token
protect_from_forgery prepend: true, with: :exception

然而,错误依然存在。
提交后导致错误的表单

<form action="/create_shipment" method="post">
    <%= token_tag %>
      <div class="form-group">
        <label>Username</label>
        <input type="text" class="form-control" name="username" placeholder="e.g. johnsmith">

      </div>
      <div class="form-group">
        <label>Secret Key</label>
        <input type="text" class="form-control" name="key" placeholder="e.g. 34ssdfkje3483jkdj83...">
      </div>

      <button type="submit" name="submit" class="btn btn-primary">Submit</button>
</form>

routes.rb

Rails.application.routes.draw do
  root :to => 'home#index'
  post '/create_shipment', :to => 'add_user#add_shipment_data'
  get '/products', :to => 'products#index'

  mount ShopifyApp::Engine, at: '/'
end

添加用户控制器.rb

class AddUserController < ApplicationController
  def add_shipment_data
    @user = AddUser.new
    @user.username = params[:username]
    @user.secret_key = params[:key]
    @user.save
  end
end

shopify_app.rb

ShopifyApp.configure do |config|
  config.application_name = "Shipment Method"
  config.old_secret = ""
  config.scope = "write_products, read_products, read_customers, read_orders, write_orders" # Consult this page for more scope options:
                                  # https://help.shopify.com/en/api/getting-started/authentication/oauth/scopes
  config.embedded_app = true
  config.after_authenticate_job = false
  config.api_version = "2021-01"
  config.shop_session_repository = 'Shop'
  config.allow_jwt_authentication = true
  config.allow_cookie_authentication = false

  config.api_key = ENV.fetch('SHOPIFY_API_KEY', SHOPIFY_API_KEY).presence
  config.secret = ENV.fetch('SHOPIFY_API_SECRET', SHOPIFY_API_SECRET).presence
  if defined? Rails::Server
    raise('Missing SHOPIFY_API_KEY. See https://github.com/Shopify/shopify_app#api-keys') unless config.api_key
    raise('Missing SHOPIFY_API_SECRET. See https://github.com/Shopify/shopify_app#api-keys') unless config.secret
  end
end

错误截图

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题