# add user model v
form_with(model: @user, url: sessions_path, method: :post)
这样,生成的输入name
属性将是user[email]
和user[password]
.因为您的params
必须具有用户密钥:{user: {email: "myemail", password: "123"}}
,因为您需要它params.require(:user)
.
此外,如果您有Turbo个错误响应(在rails 7中默认为Turbo个),您将需要它才能显示错误响应:
render :new, status: :unprocessable_entity
Update个
创建表单时,最重要的部分是表单构建器生成的name
个属性:
<%= form_with url: "/sign_in", method: :post do |f| %>
<%= f.text_field :email %>
<%#=> <input type="text" name="email"> %>
<% end %> # ^^^^^
<%= form_with model: @user, url: "/sign_in", method: :post do |f| %>
<%= f.text_field :email %>
<%#=> <input type="text" name="user[email]"> %>
<% end %> # ^^^^^^^^^^^
You just have to know how form_with
works:
https://api.rubyonrails.org/classes/ActionView/Helpers/FormHelper.html#method-i-form_with
提交表单将把您带到SessionsController#create
,提交的表单参数由Rails解析,并在params
助手中可用,对于URL编码的参数,它看起来如下所示:
# name=value
>> Rack::Utils.parse_nested_query("email=asdf")
=> {"email"=>"asdf"}
>> Rack::Utils.parse_nested_query("user[email]=asdf")
=> {"user"=>{"email"=>"asdf"}}
默认情况下,params
返回ActionController::Parameters
对象.你必须允许参数,这样你才能把它们提供给User
型号.这是不允许的:User.create(params)
,因为我可以发送email=myemail&superadmin=true
,而现在我负责.
In your controller, first thing that happens is a call to
user_params[:email]
=> params.require(:user).permit(:email,:password)
>> parameters = Rack::Utils.parse_nested_query("email=myemail")
>> params = ActionController::Parameters.new(parameters)
# ^ this is what you have
# v this is what happens (you have to look at server logs)
>> params.require(:user)
/home/alex/.rbenv/versions/3.2.2/lib/ruby/gems/3.2.0/gems/actionpack-7.0.4.3/lib/action_controller/metal/strong_parameters.rb:500:in `require':
param is missing or the value is empty: user (ActionController::ParameterMissing)
如果加上model: @user
:
>> parameters = Rack::Utils.parse_nested_query("user%5Bemail%5D=myemail")
>> params = ActionController::Parameters.new(parameters)
>> params.require(:user)
=> #<ActionController::Parameters {"email"=>"myemail"} permitted: false>
>> params.require(:user).permit(:email)
=> #<ActionController::Parameters {"email"=>"myemail"} permitted: true>
# ^
# everything else should work from this point
请注意,在获取单个属性时,不必允许使用参数,例如User.find(params[:id])
.
我怎么确定这一点的?看这张表格,看到model: @user
,这意味着上面的所有^.这是一个常见的问题.但您所要做的就是查看日志(log),您可以在那里看到PARAMETERS以及浏览器中没有显示的任何错误.