Webhook在Rails中返回401
我使用Fluidsurveys创建了一个webhook,它对应于这个控制器:
class HooksController params[:_completed]) response.invite_email = params[:_invite_email] response.locale = params[:_locale] response.key = params[:_key] response.webhook = params[:webhook] response.survey_name = params[:survey_name] response.username = params[:_username] response.weighted_score = params[:_weighted_score] response.completion_time = params[:_completion_time] response.ip_address = params[:_ip_address] response.num_responses = params[:num_responses] response.survey_id = params[:survey_id] response.invite_name = params[:_invite_name] response.language = params[:_language] response.referrer = params[:_referrer] response.fs_created_at = params[:_created_at] response.fs_updated_at = params[:_updated_at] response.survey_url = params[:survey_url] response.fs_id = params[:_id] response.collector_id = params[:_collector_id] response.comment = params[:Comment] response.nps_score = params[:NPSScore] response.save! end # The webhook doesn't require a response but let's make sure # we don't send anything render :nothing => true end end webhook看起来工作得很好,正如我在日志中看到的那样:
2014-01-20T13:49:01.231772+00:00 app[web.1]: Started POST "/hooks/response_created_callback" for 184.107.171.218 at 2014-01-20 13:49:01 +0000 2014-01-20T13:49:01.327989+00:00 app[web.1]: Processing by HooksController#response_created_callback as */* 2014-01-20T13:49:01.328149+00:00 app[web.1]: Parameters: {"_invite_email"=>"N/A", "_locale"=>"298", "_updated_at"=>"2014-01-20 13:49:00.738850", "_language"=>"en", "_key"=>"b5ec09680a4274cec0052d4049bec338a906e5b8", "webhook"=>"event", "survey_name"=>"Test", "_referrer"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_username"=>"marketing", "survey_url"=>"http://fluidsurveys.com/surveys/marketing/test-nps-for-dc/", "_id"=>"39164209", "_created_at"=>"2014-01-20 13:49:00.243640", "_weighted_score"=>"0.0", "_completion_time"=>"00:00:00", "_completed"=>"1", "_ip_address"=>"66.192.31.1", "yptmAoJw6i"=>"Detractor: 0", "num_responses"=>"261", "survey_id"=>"263692", "_extra_info"=>"weighted_score", "_invite_name"=>"N/A"} 2014-01-20T13:49:01.369963+00:00 app[web.1]: Completed 401 Unauthorized in 41ms
正如您所看到的,post会转到正确的控制器操作。 路线设置正确,但我收到401错误。 我不明白这里需要进行哪些身份validation… params正在传递给控制器,在我看来,我认为我的应用程序无需对任何内容进行身份validation。 它收到一个请求,执行它所说的,然后就完成了。
我在这里错过了什么导致401错误?
编辑:
从我的控制器中删除skip_before_filter :verify_authenticity_token后,我收到此错误:
Can't verify CSRF token authenticity 2014-01-20T16:07:12.222512+00:00 app[web.1]: Completed 422 Unprocessable Entity in 28ms 2014-01-20T16:07:12.225905+00:00 app[web.1]: 2014-01-20T16:07:12.225905+00:00 app[web.1]: ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
问题是我使用devise进行用户身份validation,我的应用程序阻止了post请求,因为没有身份validation凭据传递给我的控制器。
通过将此行添加到我的控制器,我解决了问题:
skip_before_filter :verify_authenticity_token, :authenticate_user!