
Aloha,

After discovering that Devise's token_authenticatable has been deprecated, I am trying to roll my own solution, but I think I'm having a problem with devise's sign_in method:

spec:

context "with an admin user" do
  before(:each) { @user = FactoryGirl.create(:user, account_type: 'admin') }
  it "should respond with a 200 status" do
    post :verify, "token" => @user.authentication_token
    response.status.should eq(200)
  end
end

error:

1) UsersController#verify with an admin user should respond with a 200 status
     Failure/Error: post :verify, "token"=> @user.authentication_token
     NoMethodError:
       undefined method `user' for nil:NilClass
     # ./app/controllers/application_controller.rb:24:in `authenticate_user_from_token!'
     # ./spec/controllers/users_controller_spec.rb:39:in `block (4 levels) in <top (required)>'

application_controller.rb:

class ApplicationController < ActionController::Base
  # If there's a token present we're using the api authentication
  # mechanism, else we fall back to devise auth
  before_filter :authenticate_user_from_token!, :authenticate_user!

  # Setup an AccessDenied error
  class AccessDenied < StandardError; end
  # setup a handler
  rescue_from AccessDenied, :with => :access_denied


  private

  # API requests should be made to the resource path
  # with the requesters token as params.
  #
  # This method extracts the params, checks if they are
  # valid and then signs the user in using devise' sign_in method 

  def authenticate_user_from_token!
    user = User.find_by_authentication_token params[:token]

    if !user.nil? && user.admin?
      # store: false ensures we'll need a token for every api request
      sign_in user, store: false # this is the line the spec complains about
    else
      raise ApplicationController::AccessDenied
    end
  end

  def access_denied
    render :file => "public/401", :status => :unauthorized
  end


end

users_controller.rb

class UsersController < ApplicationController

  [snip]

  # We use this 'verify' method to provide an endpoint
  # for clients to poll for token verification
  # If the before filter rejects the user/token
  # they receive a 401, else we respond with a 200
  # and the user params for verification on the remote app
  def verify
    user = User.find_by_authentication_token params[:token]
    render json: user
  end
end

I don't know where the 'user' method the error mentions is being called, or what object it is being called on.
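
An added example (not part of the original post) that models the filter's token lookup in plain Ruby. The `User` struct, the `USERS` records and both `admin_for_token_*` helpers are hypothetical stand-ins, and the finder assumes, as ActiveRecord finders do, that a nil argument matches rows whose column is NULL. It shows that a request with no `token` param resolves to an admin whose `authentication_token` is unset, next to a guard that rejects blank tokens before the lookup:

```ruby
# Constructed stand-in for the page's User model (plain Ruby, not ActiveRecord).
User = Struct.new(:name, :account_type, :authentication_token) do
  def admin?
    account_type == 'admin'
  end
end

# Constructed sample records; alice is an admin whose token was never generated.
USERS = [
  User.new('alice', 'admin', nil),
  User.new('bob',   'admin', 'b0b-constructed-token'),
  User.new('carol', 'user',  'car0l-constructed-token')
].freeze

# Assumption: like the ActiveRecord finder, a nil argument matches NULL columns.
def find_by_authentication_token(token)
  USERS.find { |u| u.authentication_token == token }
end

# Same decision as authenticate_user_from_token! on the page:
# look the user up by params[:token], then require admin.
def admin_for_token_as_posted(params)
  user = find_by_authentication_token(params[:token])
  user if !user.nil? && user.admin?
end

# Hardened variant: only a non-blank String token ever reaches the lookup,
# and a record without a stored token can never authenticate.
def admin_for_token_hardened(params)
  token = params[:token]
  return nil unless token.is_a?(String) && !token.strip.empty?

  user = find_by_authentication_token(token)
  return nil if user.nil? || user.authentication_token.nil?

  user if user.admin?
end

if __FILE__ == $PROGRAM_NAME
  p admin_for_token_as_posted({})  # alice: no token sent, admin matched
  p admin_for_token_hardened({})   # nil: rejected before the lookup
end
```

In the Rails filter the equivalent guard is an early `raise ApplicationController::AccessDenied` when `params[:token]` is blank, together with a NOT NULL constraint on the token column.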


1 Answer