VIKEnut'

Es

РусскийPortuguês

Tema oscuro

Escribir

Tema oscuro

Es

РусскийPortuguês
ruby-on-rails-3sslhttpsdevise

ntegración de @SSL con Devise How-To, Not Authenticating

Estoy usandoSSL Requirement para lograr los rediectos adecuados conIdea. Estoy usando controladores de diseño personalizados para poder colocar ssl_required en ellos.

Gemfile
gem 'bartt-ssl_requirement', '1.2.7', :require => 'ssl_requirement'
application_controller.rb
class ApplicationController < ActionController::Base
  protect_from_forgery

  include ::SslRequirement

También personalicé el nombre de host para SSLRequirement

production.rb
config.after_initialize do
    SslRequirement.ssl_host = 'secure.website.com'
end

Configurar controladores de dispositivos personalizados es tan simple como crear un nuevo archivo de controlador y tener el nombre apropiado: (por ejemplo, controlador de sesión). Asegúrese de generar las vistas y moverlas a la carpeta apropiada para que su controlador personalizado pueda usarlas.

session_controller.rb
class SessionsController < Devise::SessionsController
ssl_exceptions

def new
   super
end

...

Todo esto funciona para cumplir, pero una vez que habilito ssl_required (o ssl_exceptions), Devise ya no puede autenticarse. Me redirige al índice o me mantiene en la página de inicio de sesión.

Me aseguré de entrar en session_store.rb y actualizar mi cookie_store para incluir

session_store.rb
App::Application.config.session_store :cookie_store, :key => '_app_session', :httponly => true, :secure => true, :domain => '.website.com'

para mí, agregando:domain => :all tampoco estaba resolviendo el problema

Entró en mi archivo devise.rb e incluyó:

devise.rb

config.cookie_options = { :secure => true} aún no tuvo éxito ... incluso escribió todas las rutas personalizadas omitiendo los valores predeterminados de Devise para que incluyeran el protocolo https y el host de subdominio seguro, y omitieran las rutas de diseño predeterminadas para deshacerse de las rutas duplicadas ... Me estoy quedando sin opciones en este punto:

routes.rb
constraints :protocol => "https", :host => "secure.website.com" do
devise_for :users, :controllers => { :sessions => 'sessions', :registrations => 'registrations', :passwords => 'passwords', :confirmations => 'confirmations', :unlocks => 'unlocks' }, :skip => [:sessions, :passwords, :registrations]
devise_scope :user do

  #sessions
  get "/users/sign_in" => "sessions#new", :as => nil
  get "/users/sign_in" => "sessions#new", :as => :new_user_session
  get "/users/sign_in" => "sessions#new", :as => :users_sign_in
  get "/users/sign_out" => "sessions#destroy", :as => :destroy_user_session
  get "/users/sign_out" => "sessions#destroy", :as => :users_sign_out
  post "/users/sign_in" => "sessions#create", :as => :user_session
  post "/users/sign_in" => "sessions#new", :as => nil

  #registrations
  get "/users/sign_up" => "registrations#new", :as => :users_sign_up
  get "/users/sign_up" => "registrations#new", :as => :new_user_registration
  get "/users/edit" => "registrations#edit", :as => :users_edit
  get "/users/edit" => "registrations#edit", :as => :edit_user_registrations
  get "/users/cancel" => "registrations#cancel", :as => :cancel_user_registration
  post "/users/" => "registrations#create", :as => :user_registration
  put "/users" => "registrations#update"
  delete "/users" => "registrations#destroy"

  #passwords
  get "/users/password/new" => "passwords#new", :as => :users_password_new
  get "/users/password/new" => "passwords#new", :as => :new_user_password
  get "/users/password/edit" => "passwords#edit", :as => :edit_user_password
  post "/users/password" => "passwords#create"
  put "/users/password" => "passwords#update"
end



devise_for :admins, :controllers => { :sessions => 'sessions', :registrations => 'registrations', :passwords => 'passwords', :confirmations => 'confirmations', :unlocks => 'unlocks' }, :skip => [:sessions, :unlocks]
as :admin do
  #sessions
  get "/admins/sign_in" => "sessions#new"
  get "/admins/sign_in" => "sessions#new", :as => :admins_sign_in
  get "/admins/sign_in" => "sessions#new", :as => :new_admin_session
  get "/admins/sign_out" => "sessions#destroy", :as => :destroy_admin_session
  get "/admins/sign_out" => "sessions#destroy", :as => :admins_sign_out
  post "/admins/sign_in" => "sessions#new"
  post "/admins/sign_in" => "sessions#new", :as => :admin_session

  #unlocks
  get "/admins/unlock" => "unlocks#show"
  get "/admins/unlock/new" => "unlocks#new", :,as => :admins_unlock_new
  get "/admins/unlock/new" => "unlocks#new", :as => :new_admin_unlock
  post "/admins/unlock" => "unlocks#create", :as => :admin_unlock
end

fina

rutas de rake
                         GET    /users/sign_in(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
        new_user_session GET    /users/sign_in(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
           users_sign_in GET    /users/sign_in(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
    destroy_user_session GET    /users/sign_out(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"destroy"}
          users_sign_out GET    /users/sign_out(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"destroy"}
            user_session POST   /users/sign_in(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"create"}
                         POST   /users/sign_in(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
           users_sign_up GET    /users/sign_up(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"new"}
   new_user_registration GET    /users/sign_up(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"new"}
              users_edit GET    /users/edit(.:format)                  {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"edit"}
 edit_user_registrations GET    /users/edit(.:format)                  {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"edit"}
cancel_user_registration GET    /users/cancel(.:format)                {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"cancel"}
       user_registration POST   /users(.:format)                       {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"create"}
                   users PUT    /users(.:format)                       {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"update"}
                         DELETE /users(.:format)                       {:protocol=>"https", :host=>"secure.website.com", :controller=>"registrations", :action=>"destroy"}
      users_password_new GET    /users/password/new(.:format)          {:protocol=>"https", :host=>"secure.website.com", :controller=>"passwords", :action=>"new"}
       new_user_password GET    /users/password/new(.:format)          {:protocol=>"https", :host=>"secure.website.com", :controller=>"passwords", :action=>"new"}
      edit_user_password GET    /users/password/edit(.:format)         {:protocol=>"https", :host=>"secure.website.com", :controller=>"passwords", :action=>"edit"}
          users_password POST   /users/password(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"passwords", :action=>"create"}
                         PUT    /users/password(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"passwords", :action=>"update"}
          admins_sign_in GET    /admins/sign_in(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
          admins_sign_in GET    /admins/sign_in(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
       new_admin_session GET    /admins/sign_in(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
   destroy_admin_session GET    /admins/sign_out(.:format)             {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"destroy"}
         admins_sign_out GET    /admins/sign_out(.:format)             {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"destroy"}
                         POST   /admins/sign_in(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
           admin_session POST   /admins/sign_in(.:format)              {:protocol=>"https", :host=>"secure.website.com", :controller=>"sessions", :action=>"new"}
           admins_unlock GET    /admins/unlock(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"unlocks", :action=>"show"}
       admins_unlock_new GET    /admins/unlock/new(.:format)           {:protocol=>"https", :host=>"secure.website.com", :controller=>"unlocks", :action=>"new"}
        new_admin_unlock GET    /admins/unlock/new(.:format)           {:protocol=>"https", :host=>"secure.website.com", :controller=>"unlocks", :action=>"new"}
            admin_unlock POST   /admins/unlock(.:format)               {:protocol=>"https", :host=>"secure.website.com", :controller=>"unlocks", :action=>"create"}

Estoy casi seguro de que tiene que ver con mis cookies, ¿alguien tiene 2 centavos?

Puedo publicar más código de aplicación o código de consola si es necesario. Espero que esto haya sido de ayuda para cualquiera que configure Devise personalizado y para cualquiera que incorpore SSL en su aplicación rails3 usando Devise y SSLRequirement.

Esperamos que podamos obtener una descripción completa de un ejemplo sólido para todos. Gracias y avíseme si tiene alguna pregunta sobre cómo configuro los controladores / vistas / etc .

Respuestas a la pregunta(0)

Su respuesta a la pregunta

Preguntas populares

0 la respuesta

¿Por qué SQLite es tan lento (~ 2 q / s) en una máquina específica?

0 la respuesta

Implementación del controlador de dispositivo PCIe Linux (quiero acceder a los registros de mi tarjeta desde el controlador del kernel)

0 la respuesta

Convertir pfx a pem usando openssl

0 la respuesta

cómo obtener el nombre del esquema de la tabla

0 la respuesta

¿Una referencia a Better Boost? [cerrado]