【发布时间】:2015-11-07 12:46:13
【问题描述】:
我成功地生成了在 ios 端工作的令牌,并且我设置了一个 heroku rails 应用程序。如何在服务器端检索此令牌?
得到错误`Completed 500 Internal Server Error in 1ms (ActiveRecord: 0.0ms)
NoMethodError(未定义方法[]' for nil:NilClass):
app/controllers/login_controller.rb:11:in 'log_in'
这是我的控制器代码:
class LoginController < ApplicationController
def index
end
def log_in
puts params
headers = {"X-Parse-Application-Id" => "APIKEY",
"X-Parse-REST-API-Key" => "APIKEY"}
query = {:username => params[:user][:username],
:password => params[:user][:password]}
@response = HTTParty.get('https://api.parse.com/1/login',
:query => query,
:headers => headers)
session[:session_token] = @response["sessionToken"]
session[:object_id] = @response["objectId"]
@object_id = session[:object_id]
@test = HTTParty.get("https://api.parse.com/1/classes/_User/#{@object_id}",
:headers => {"X-Parse-Application-Id" => "APIKEY",
"X-Parse-REST-API-Key" =>"APIKEY"} )
session[:stripe_acct_id] = @test["uid"]
end
def logout
logout = HTTParty.post('https://api.parse.com/1/logout',
:headers => {"X-Parse-Application-Id" => "APIKEY",
"X-Parse-REST-API-Key" => "APIKEY",
"X-Parse-Session-Token" => session[:session_token]})
reset_session
redirect_to :controller => "login"
end
def deauthorize
@object_id = session[:object_id]
HTTParty.post("https://connect.stripe.com/oauth/deauthorize",
:basic_auth => { :username => ENV['STRIPE_SECRET'] },
:query => { client_id: ENV['STRIPE_CONNECT_CLIENT_ID'],
stripe_user_id: session[:stripe_acct_id]})
end
end
【问题讨论】:
-
你使用 StripeJS 或 Checkout 吗?
-
我也没有实现,我正在使用 Stripe Connect
-
我刚跑了
heroku logs,我看到令牌已收到,但在令牌的参数之后,它说Can't verify CSRF token authenticity -
在你的控制器中为你的方法添加protect_from_forgery: :null
-
您也可以只在特定操作上跳过验证
skip_before_filter :verify_authenticity_token, only: :my_unprotected_action
标签: ios ruby-on-rails ruby stripe-payments