ActionCable.server => '/cable' only within authenticated_root_path

Time: 2021-03-04 01:14:40

Consider the following scenario:

1) WebSocket authenticates the connection.

def connect
  self.current_user = find_verified_user
  logger.add_tags "ActionCable", "User #{current_user.id}"
end

2) When connection is established, inform the user

  connected: ->
    $("body").append("<div class='connection ok'>Connected.</div>")

3) When connection is lost, inform the user

  disconnected: ->
    $("pop-up").append("<div class='connection'>Offline, trying to reconnect...</div>")

4) When user logs out.....

An unauthorized connection attempt was rejected
###User is now informed connection is lost. Which should not happen.

My question: How can I change:

  mount ActionCable.server => '/cable'

To only work within the scope of:

 authenticated :user do
   root 'users#index', as: :authenticated_root
 end

1 solution

#1


1  

Alternative Solution

An unauthorized connection attempt was rejected

...happens when reject_unauthorized_connection is called in your connection.rb.

  • This may be either intentional or not:

    • remove reject_unauthorized_connection if you want to allow non-signed-users to subscribe to the channel: current_user becomes nil

      • To be able to still identify the user, you can add another identifier (:session_id) :

        module ApplicationCable
          class Connection < ActionCable::Connection::Base
            identified_by :current_user
            identified_by :session_id
        
            def connect
              self.current_user = find_verified_user
              self.session_id = request.session.id
            end
        
            private
        
            def find_verified_user
              User.find_by(id: cookies.signed[:user_id])
            end
        # ...
          end
        end
        
      • You may want to write your own authorisation in your *_channel.rb instead of here in the connection.rb if you'll need further authorisation rules between guest and signed-in users.
    • retain reject_unauthorized_connection if you only want signed-in users to be able to subscribe to your channels.
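
The channel-level authorisation suggested in the answer, as an added example that is not part of the original answer: guests keep their connection (identified only by session_id) but are rejected from a per-user stream. `FakeChannelBase` is a hypothetical stand-in for `ActionCable::Channel::Base` so the sketch runs without Rails; the channel names, `User` struct and `try_subscribe` helper are assumptions.

```ruby
# Added example. FakeChannelBase is a hypothetical stand-in for
# ActionCable::Channel::Base so this runs without Rails; in an app,
# inherit from ApplicationCable::Channel instead.
class FakeChannelBase
  attr_reader :current_user, :session_id, :streams

  def initialize(current_user:, session_id:)
    @current_user = current_user # nil for guests (connect no longer rejects)
    @session_id = session_id     # second identifier set in connection.rb
    @streams = []
    @rejected = false
  end

  def reject; @rejected = true; end # same method name as the real channel API
  def rejected?; @rejected; end
  def stream_from(name); @streams << name; end

  # Mimics the subscribe flow: run the callback, report the outcome.
  def subscribe!
    subscribed
    rejected? ? :rejected : :confirmed
  end
end

User = Struct.new(:id) # constructed sample model

# Guests and signed-in users may both listen to public announcements.
class AnnouncementsChannel < FakeChannelBase
  def subscribed
    stream_from "announcements"
  end
end

# Only signed-in users may subscribe. The stream name is derived from the
# server-side identity, never from client-supplied params.
class NotificationsChannel < FakeChannelBase
  def subscribed
    return reject if current_user.nil?
    stream_from "notifications:#{current_user.id}"
  end
end

# Hypothetical helper: returns [outcome, streams] for one subscription attempt.
def try_subscribe(channel_class, user:, session_id:)
  channel = channel_class.new(current_user: user, session_id: session_id)
  [channel.subscribe!, channel.streams]
end
```

A rejected subscription leaves the WebSocket itself open, so the client's `rejected` callback fires for that channel instead of `disconnected`.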