更新时间:2023-12-04 21:28:22
尝试:
验证:
curl -H'Content-Type:application / json'\
-H'Accept:application / json'\
-X POST http:// localhost:3000 / users / sign_in \
-d{'user':{'email':'test@example.com','password':'password'}}\
-c cookie
显示:
curl -H'Content-Type:application / json'\
-H'Accept:application / json'\
-X GET http:// localhost:3000 / pag es / 1.xml \
-b cookie
对于发布
请求 -
您需要一个 CSRF令牌用于Rails 3中的非GET请求。
这是因为默认情况下,Rails会向表单添加真实性令牌,以防止提交参数的恶意伪造。因为你不提供这个令牌与你的请求,rails不接受它。你可以通过
skip_before_filter:verify_authenticity_token
I'm using Devise (2.1.2) and Rails (3.2.9) and I've enabled basic authentication (for testing). I'm posting a JSON POST request using CURL and I'm seeing weird behavior. The authentication fails the first time I send the request (after server restart) but succeeds after sending the exact same request the second time.
When debugging, it seems that the winning_strategies are nil on the first attempt but populated with three strategies on the second attempt.
What is the cause of this behavior?
Try:
Authenticate:
curl -H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-X POST http://localhost:3000/users/sign_in \
-d "{'user' : { 'email' : 'test@example.com', 'password' : 'password'}}" \
-c cookie
Show:
curl -H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-X GET http://localhost:3000/pages/1.xml \
-b cookie
For post
requests -
You need a CSRF token for non-GET requests in Rails 3 .
This is because Rails by default adds an authenticity token to forms to protect from malicious forgery of submitted parameters. As you do not supply this token with your request, rails does not accept it. You can bypass this with
skip_before_filter :verify_authenticity_token