如何处理Devise的身份验证

如何处理Devise的身份验证

本文介绍了在Rails 3.2应用程序中使用多个模型时,如何处理Devise的身份验证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用Rails 3.2应用程序,我使用Devise进行身份验证。我决定尝试单表继承来管理用户角色,但是我很快遇到了一个问题。我目前有三个用户模型, User< ActiveRecord Admin<用户协作者<用户。管理员和协作者共享大多数用户列,但它们的行为和权限略有不同。我的模型目前看起来像这样:

I'm working on a Rails 3.2 app where I use Devise for authentication. I decided to try single table inheritance for managing user roles, but I quickly ran into a problem. I currently have three User models, User < ActiveRecord, Admin < User and Collaborator < User. Admin and Collaborator share most User columns, but they have slightly different behaviors and privileges. My models currently looks like this:

class User < ActiveRecord::Base

  devise :database_authenticatable, :registerable,
     :recoverable, :rememberable, :trackable, :validatable, :token_authenticatable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :name, :password, :password_confirmation, :remember_me

  before_save :ensure_authentication_token

  [...]

end

class Admin < User
  has_one :account, dependent: :destroy
  attr_accessible :account_attributes
  accepts_nested_attributes_for :account
end


class Collaborator < User
  has_one :account
end

class Account < ActiveRecord::Base
  attr_accessible :name
  validates_presence_of :name
  has_many :projects, dependent: :destroy
  has_many :users
end

当我尝试在我的ProjectController(以及需要身份验证的其他控制器)中验证管理员和协作者时,遇到问题:

The problem aries when I try to authenticate Admins and Collaborators in my ProjectController (and other controllers where I need authentication):

# Causes problem, no one can access anything.
before_filter :authenticate_admin!
before_filter :authenticate_collaborator!

一个类似的问题是与devise的帮助方法为ie。 current_user,现在我有current_admin和current_collaborator,我通过创建一个以前的过滤器和方法来解决:

A similar problem I had was with devise's helper methods for ie. current_user, now I have current_admin and current_collaborator, I "solved" that by creating a before filter and method:

def set_current_user
  @current_user = current_admin || current_collaborator
end

有没有一个类似或简单的解决方案我的身份验证问题与Devise,或你会推荐另一种方法比单表继承,这会是什么?

Is there a similar or simple solution for my authentication problem with Devise, or would you recommend another approach than Single Table Inheritance, and what would that be?

我的目标是,1.当新用户注册时,他们成为管理员,当他们创建帐户时,也会创建一个帐户模型。 2.新的(管理员)用户可以邀请其他用户到帐户,这将是协作者。管理员和协作者应具有不同的权限。合作者不会在注册时创建新的帐户(公司可能是我的帐户模型更好的名称),因此管理员和协作者将需要稍微不同的注册和编辑表单。

My goal is, 1. when new users signs up, they become Admins, when they create their account, an Account model is also created. 2. The new (Admin) user can then invite additional users to the Account, which will be Collaborators. 3. Admins and Collaborators should have different privileges. Collaborators won't create new "Accounts" when they sign up (company could be a better name for my Account model) so Admin and Collaborators will need slightly different forms for signing up and editing.

谢谢。

更新

我通过在过滤器之前创建一个类似的解决 :

I kinda "solved" it by creating a similar before filter:

def authenticate!
  if @current_user == current_admin
    :authenticate_admin!
  elsif @current_user == current_collaborator
    :authenticate_collaborator!
  end
end

对可能更优雅的解决方案的建议仍然不胜感激。

Suggestions on possibly more elegant solutions would still be appreciated.

推荐答案

您可以使用以下解决方案解决这个问题

You can solve this using the following solution


def authenticate!
    if modelA_user_signed_in?
      @current_user = current_modelA
      true
    else
      authenticate_modelB!
    end

  end

这篇关于在Rails 3.2应用程序中使用多个模型时,如何处理Devise的身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-01 18:27