问题描述
由于我在欧盟,我相信我所制作的所有网站必须遵守这个愚蠢的欧盟规定,禁止cookie使用,而无需用户的知情同意(并要求用户选择加入)。
Since I am based in European Union, I believe all the websites I make have to comply with this stupid EU regulation that bans cookie use without user's informed consent (and require the user to opt-in).
我的目的是要完全超过,并且要求用户在没有用户发送_#{app_name} _sessioncookie时要求(重新)接受服务条款 - )只有在用户在所述ToS中单击[ACCEPT]之后才创建它。
My intention is to go "full-overkill" and require user to (re-)accept Terms of Service whenever there's no "_#{app_name}_session" cookie sent from user and (re-)create it only after user clicks [ACCEPT] in said ToS.
基本上,当有人访问应用程序时,用户将被迫显式接受ToS或登录以便能够使用应用/网站。
Basically, whenever someone visits the app, the user will be forced to explicitly accept ToS or Sign in to be able to use the app/website.
如何在Rails 4中实现这一点?
How can I make this happen in in Rails 4?
在PHP中,我只需要添加
In PHP I'd just need to add
if (session_status() != PHP_SESSION_ACTIVE){
header("Location: /terms-of-service");
}
到 index.php
to the beginning of the index.php
然后我需要确保只有 session_start()
服务 / terms-of-service
页面,项目中没有其他实例。
I would then need to make sure that the only session_start()
is at the file that serves the /terms-of-service
page and there is no other instance anywhere else in the project.
但是如何使用Rails?
But how to do this with Rails?
推荐答案
可以通过创建 before_filter
在 ApplicationController
中:
class ApplicationController < ActionController::Base
before_filter :validate_toc!
private
def validate_toc!
# check if guest user has not already accepted the toc from session
redirect_to toc_path, alert: 'Please accept ToC to continue.' if sesion[:tos].nil? || !user_logged_in?
end
end
注意: sesion [: tos]
是在用户接受ToS时设置值的位置。 toc_path
应在routes.rb中设置,例如像这样:
Note: sesion[:tos]
is where you set value when user accepts ToS. toc_path
should be set in routes.rb, for example like this:
get '/path/to/toc' => 'pages#toc', :as => :toc
这篇关于在Ruby on Rails 4(欧盟立法)中强制禁用Cookie,直到用户(重新)接受ToS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!