Евг*_*чук 5 ruby ruby-on-rails constraints basic-authentication
我使用 Rails 5 API 模式
路线.rb:
Rails.application.routes.draw do
constraints Basic do
mount Rswag::Ui::Engine => '/api-docs'
mount Rswag::Api::Engine => '/api-docs'
mount Sidekiq::Web => '/sidekiq'
# etc
end
end
约束/基本.rb:
class Basic
def self.matches?(request)
authenticate_or_request_with_http_basic do |email, password|
email == 'foo' && password = 'bar'
end
end
end
但我收到一个错误:
NoMethodError(Basic:Class 的未定义方法 `authenticate_or_request_with_http_basic')
我可以在约束中使用 http 基本身份验证吗?
我认为您不能使用authenticate_or_request_with_http_basic控制器范围之外的方法。您可以在通用控制器中设置before_filter身份验证检查。这是来自文档评论的示例:
class AdminController < ApplicationController
before_filter :authenticate
def authenticate
authenticate_or_request_with_http_basic('Administration') do |email, password|
email == 'foo' && password == 'bar'
end
end
end
这也是我发现的Rails Authentication Routing Constraints Been Harmful 的内容。
话虽这么说,我认为有一种方法:
class Basic
def self.matches?(request)
if ActionController::HttpAuthentication::Basic.has_basic_credentials?(request)
credentials = ActionController::HttpAuthentication::Basic.decode_credentials(request)
email, password = credentials.split(':')
email == 'foo' && password == 'bar'
end
end
end
| 归档时间: |
|
| 查看次数: |
2350 次 |
| 最近记录: |