我正在开发模式下运行shopify应用程序,rails 5.2托管在远程ngrok服务器上。当我试图发布一条记录时,我从rails得到了“actioncontroller::InvalidAuthenticationToken”错误。当我禁用csrf令牌时,shopify应用程序将不工作并显示错误,因此我不想禁用csrf保护,但不知道如何绕过此错误而不这样做。任何帮助都将不胜感激。
Rails 5 ActionController::InvalidAuthenticityToken error and ActionController::InvalidAuthenticityToken
参考上述两个问题,我在我的应用程序_controller.rb中添加了以下代码
skip_before_action :verify_authenticity_token
protect_from_forgery prepend: true, with: :exception
然而,错误依然存在。
提交后导致错误的表单
<form action="/create_shipment" method="post">
<%= token_tag %>
<div class="form-group">
<label>Username</label>
<input type="text" class="form-control" name="username" placeholder="e.g. johnsmith">
</div>
<div class="form-group">
<label>Secret Key</label>
<input type="text" class="form-control" name="key" placeholder="e.g. 34ssdfkje3483jkdj83...">
</div>
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</form>
routes.rb
Rails.application.routes.draw do
root :to => 'home#index'
post '/create_shipment', :to => 'add_user#add_shipment_data'
get '/products', :to => 'products#index'
mount ShopifyApp::Engine, at: '/'
end
添加用户控制器.rb
class AddUserController < ApplicationController
def add_shipment_data
@user = AddUser.new
@user.username = params[:username]
@user.secret_key = params[:key]
@user.save
end
end
shopify_app.rb
ShopifyApp.configure do |config|
config.application_name = "Shipment Method"
config.old_secret = ""
config.scope = "write_products, read_products, read_customers, read_orders, write_orders" # Consult this page for more scope options:
# https://help.shopify.com/en/api/getting-started/authentication/oauth/scopes
config.embedded_app = true
config.after_authenticate_job = false
config.api_version = "2021-01"
config.shop_session_repository = 'Shop'
config.allow_jwt_authentication = true
config.allow_cookie_authentication = false
config.api_key = ENV.fetch('SHOPIFY_API_KEY', SHOPIFY_API_KEY).presence
config.secret = ENV.fetch('SHOPIFY_API_SECRET', SHOPIFY_API_SECRET).presence
if defined? Rails::Server
raise('Missing SHOPIFY_API_KEY. See https://github.com/Shopify/shopify_app#api-keys') unless config.api_key
raise('Missing SHOPIFY_API_SECRET. See https://github.com/Shopify/shopify_app#api-keys') unless config.secret
end
end
错误截图
暂无答案!
目前还没有任何答案,快来回答吧!