我正在阅读Devise gem的初始化文件(config / initializers / deviser.rb),并且很难理解这部分内容.
# By default Devise will store the user in session. You can skip storage for # :http_auth and :token_auth by adding those symbols to the array below. # Notice that if you are skipping storage for all authentication paths,you # may want to disable generating routes to Devise's sessions controller by # passing :skip => :sessions to `devise_for` in your config/routes.rb config.skip_session_storage = [:http_auth]
我之所以看这个是因为我正在尝试使用基于api的令牌认证,在这种情况下我需要将该配置行更改为:
config.skip_session_storage = [:http_auth,:token_auth]
解决方法
很简单,它告诉Devise不要将用户存储在会话中.这是另一个解释:
skip_session_storage:默认情况下,Devise会将用户存储在会话中.您可以通过将值附加到数组来跳过存储以获取http和令牌身份验证:: skip_session_storage => [:token_auth]或:skip_session_storage => [:http_auth,:token_auth],默认情况下设置为skip_session_storage => [:http_auth].
Devise::Models::Authenticatable
为了您的意图和目的,我将使用Warden / Devise禁用会话缓存;我相信它干扰了某些API(尽管我不相信).希望有所帮助.