尝试：

验证：

  curl -H'Content-Type：application / json'\ 
 -H'Accept：application / json'\ 
 -X POST http：// localhost：3000 / users / sign_in \ 
 -d{'user'：{'email'：'test@example.com'，'password'：'password'}}\ 
 -c cookie 
 

显示：

  curl -H'Content-Type：application / json'\ 
 -H'Accept：application / json'\ 
 -X GET http：// localhost：3000 / pag es / 1.xml \ 
 -b cookie 
 

对于发布请求 -

您需要一个 CSRF令牌用于Rails 3中的非GET请求。

这是因为默认情况下，Rails会向表单添加真实性令牌，以防止提交参数的恶意伪造。因为你不提供这个令牌与你的请求，rails不接受它。你可以通过

  skip_before_filter：verify_authenticity_token 
 

I'm using Devise (2.1.2) and Rails (3.2.9) and I've enabled basic authentication (for testing). I'm posting a JSON POST request using CURL and I'm seeing weird behavior. The authentication fails the first time I send the request (after server restart) but succeeds after sending the exact same request the second time.

When debugging, it seems that the winning_strategies are nil on the first attempt but populated with three strategies on the second attempt.

What is the cause of this behavior?

Try:

Authenticate:

curl -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -X POST http://localhost:3000/users/sign_in \
  -d "{'user' : { 'email' : 'test@example.com', 'password' : 'password'}}" \
  -c cookie

Show:

curl -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -X GET http://localhost:3000/pages/1.xml \
  -b cookie

For post requests -

You need a CSRF token for non-GET requests in Rails 3 .

This is because Rails by default adds an authenticity token to forms to protect from malicious forgery of submitted parameters. As you do not supply this token with your request, rails does not accept it. You can bypass this with

skip_before_filter :verify_authenticity_token