I am using devise on my application and i am not getting error me开发者_运维技巧ssages when login fails.
I've flash[:notice] and flash[:alert] on the login page.
I tried a lot of things and when i remove 'protect_from_forgery' from application controller i get the error messages.
Also i am using Cancan on my application, can it be any issue from it? Any ideas?
Thanks
I'm guessing the authenticity verification is failing. Are your forms sending up the authenticity_token with posts? If removing protect_from_forgery
fixes it, this almost certainly the problem.
Make sure that all non-get requests are sending up an authenticity_token
parameter with the value returned by the rails function form_authenticity_token
. If you use form_for
in your views, this should happen automagically. Check your html to be sure, the authenticity token in the form should match the value returned the form_authenticity_token
method.
Admittedly, a bit hacky, but I'm using this helper (app/helpers/devise_helper.rb) to grab flashes and use those if set then default to resource.errors
. Devise's sessions controller doesn't seem to use the model errors, but uses flash alerts instead. This is just based on the helper that's in the devise lib.
module DeviseHelper
def devise_error_messages!
flash_alerts = []
error_key = 'errors.messages.not_saved'
if !flash.empty?
flash_alerts.push(flash[:error]) if flash[:error]
flash_alerts.push(flash[:alert]) if flash[:alert]
flash_alerts.push(flash[:notice]) if flash[:notice]
error_key = 'devise.failure.invalid'
end
return "" if resource.errors.empty? && flash_alerts.empty?
errors = resource.errors.empty? ? flash_alerts : resource.errors.full_messages
messages = errors.map { |msg| content_tag(:li, msg) }.join
sentence = I18n.t(error_key, :count => errors.count,
:resource => resource.class.model_name.human.downcase)
html = <<-HTML
<div id="error_explanation">
<h2>#{sentence}</h2>
<ul>#{messages}</ul>
</div>
HTML
html.html_safe
end
end
精彩评论