王筝的博客
ruby学习

经过排查,是因为 Capistrano 部署中设置了 http_proxy。此时通过 cas.m.xxxx.com 域名去访问 CAS 服务时,就不通了,需要修改为 IP 来访问。
但是公司的 CAS 服务 cas.xxxx.com,即使设置了代理,也是可以访问的。所以 以后的系统建议都使用公司的 CAS

(1)新增gem

gem 'devise'

 

(2)添加devise配置文件

/workspace/shop:$ rails generate devise:install User
      create  config/initializers/devise.rb
      create  config/locales/devise.en.yml
===============================================================================

Some setup you must do manually if you haven't yet:

  1. Ensure you have defined default url options in your environments files. Here
     is an example of default_url_options appropriate for a development environment
     in config/environments/development.rb:

       config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }

     In production, :host should be set to the actual host of your application.

  2. Ensure you have defined root_url to *something* in your config/routes.rb.
     For example:

       root to: "home#index"

  3. Ensure you have flash messages in app/views/layouts/application.html.erb.
     For example:

       <p class="notice"><%= notice %></p>
       <p class="alert"><%= alert %></p>

  4. If you are deploying on Heroku with Rails 3.2 only, you may want to set:

       config.assets.initialize_on_precompile = false

     On config/application.rb forcing your application to not access the DB
     or load models when precompiling your assets.

  5. You can copy Devise views (for customization) to your app by running:

       rails g devise:views

===============================================================================

(3) 添加一个user的model

/workspace/shop:$ rails generate devise User
      invoke  active_record
      create    db/migrate/20151026095446_devise_create_users.rb
      create    app/models/user.rb
      invoke    rspec
      create      spec/models/user_spec.rb
      insert    app/models/user.rb
       route  devise_for :users

(4) 安装devise视图文件

/workspace/shop:$ rails g devise:views
      invoke  Devise::Generators::SharedViewsGenerator
      create    app/views/devise/shared
      create    app/views/devise/shared/_links.html.erb
      invoke  form_for
      create    app/views/devise/confirmations
      create    app/views/devise/confirmations/new.html.erb
      create    app/views/devise/passwords
      create    app/views/devise/passwords/edit.html.erb
      create    app/views/devise/passwords/new.html.erb
      create    app/views/devise/registrations
      create    app/views/devise/registrations/edit.html.erb
      create    app/views/devise/registrations/new.html.erb
      create    app/views/devise/sessions
      create    app/views/devise/sessions/new.html.erb
      create    app/views/devise/unlocks
      create    app/views/devise/unlocks/new.html.erb
      invoke  erb
      create    app/views/devise/mailer
      create    app/views/devise/mailer/confirmation_instructions.html.erb
      create    app/views/devise/mailer/reset_password_instructions.html.erb
      create    app/views/devise/mailer/unlock_instructions.html.erb

(5)生成下表

/workspace/shop:$ rake db:migrate
== 20151026095446 DeviseCreateUsers: migrating ================================
-- create_table(:users)
   -> 0.0312s
-- add_index(:users, :email, {:unique=>true})
   -> 0.0004s
-- add_index(:users, :reset_password_token, {:unique=>true})
   -> 0.0004s
== 20151026095446 DeviseCreateUsers: migrated (0.0322s) =======================

(6)导航栏增加登录 注册的入口app/views/layouts/application.html.erb

          <ul class="nav navbar-nav navbar-right">
            <% if user_signed_in? %>
              <li><%= link_to current_user.email, profile_path %></li>
              <li><%= link_to "退出", destroy_user_session_path, method: :delete %></li>
            <% else %>
              <li><%= link_to "登录", new_user_session_path %></li>
              <li><%= link_to "注册", new_user_registration_path %></li>
            <% end %>
          </ul>

(7)修改下登录页面的样式

<div class="row">
  <div class="col-md-6">
    <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
      <div class="form-group">
        <%= f.label :email, class: "control-label" %>
        <%= f.email_field :email, autofocus: true, class: "form-control" %>
      </div>

      <div class="form-group">
        <%= f.label :password, class: "control-label" %>
        <%= f.password_field :password, autocomplete: "off", class: "form-control" %>
      </div>

      <% if devise_mapping.rememberable? -%> 
        <div class="form-group">
          <%= f.check_box :remember_me %>
          <%= f.label :remember_me %>
        </div>
      <% end -%> 

      <div class="actions">
        <%= f.submit "登录", class: "btn btn-primary" %>
        <%= link_to "忘记密码", new_password_path(resource_name), class: "btn btn-link" %>
      </div>
    <% end %>
  </div>
</div>

(8)为了保护我们的方法,在每个方法前加一个登录校验app/controllers/application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  before_action :authenticate_user!
end

(9)对于不需要登录就可以公开的一些页面,在controller里增加跳过验证的语句

class ProductsController < ApplicationController
  skip_before_action :authenticate_user!, only: [:index, :show]

 

http://guides.rubyonrails.org/v3.0.8/action_controller_overview.html#filters  (例子来源)

http://apidock.com/rails/v3.0.5/AbstractController/Callbacks/ClassMethods/skip_filter

http://apidock.com/rails/ActionController/Filters/ClassMethods/skip_before_filter

官方文档给出的例子

class LoginsController < ApplicationController

  skip_before_filter :require_login, :only => [:new, :create]
end