コントローラーPOSTアクションが「承認されていません」と応答します

Question

合計の問題がないので、Playフレームワークを使い始めました。

コントローラに「追加」アクションを追加しました。アクセスを試みると、HTTP 403ステータスの次のページが表示されます。

コントローラー：

package controllers 

import javax.inject._ 

import play.api._ 
import play.api.data._ 
import play.api.data.Forms._ 
import play.api.mvc._ 

/** 
* This controller creates an `Action` to handle HTTP requests to the 
* application's home page. 
*/ 
@Singleton 
class HomeController @Inject() extends Controller { 

    val userForm = Form(
    mapping(
     "todo" -> text 
    )(TodoData.apply)(TodoData.unapply) 
) 

    /** 
    * Create an Action to render an HTML page. 
    * 
    * The configuration in the `routes` file means that this method 
    * will be called when the application receives a `GET` request with 
    * a path of `/`. 
    */ 
    def index = Action { implicit request => 
    Ok(views.html.index()) 
    } 

    def add = Action { implicit request => 
    Ok(views.html.index()) 
    } 
} 
case class TodoData(todo: String) 

ルートの周り掘りの数時間後

# An example controller showing a sample home page 
GET /       controllers.HomeController.index 
POST /add      controllers.HomeController.add 

# Map static resources from the /public folder to the /assets URL path 
GET  /assets/*file    controllers.Assets.versioned(path="/public", file: Asset) 

index.scala.html

@() 

@main("Todo App") { 
    <h1>Welcome to the Todo app</h1> 
    <form action="/add" method="post"> 
     <label for="todo">TODO:</label> 
     <input type="text" name="todo" id="todo"> 

     <button type="submit">Add</button> 
    </form> 
} 

Answer 1

に管理Iこれを自分で解決する。 RTFMの1例。

POST要求とCSRFトークンに関連するいくつかの魔法のPlayがあるようです。 CSRFトークンがありませんでした。

index.scala.html

@(form: Form[TodoData])(implicit request: RequestHeader, messages: Messages) 

@main("Todo App") { 
    <h1>Welcome to the Todo app</h1> 
    @helper.form(action = routes.HomeController.add()) { 
     @helper.CSRF.formField 
     @helper.inputText(form("todo")) 
     <button type="submit">Add</button> 
    } 
} 

コントローラ

package controllers 

import javax.inject._ 

import play.api.data._ 
import play.api.data.Forms._ 
import play.api.mvc._ 
import play.api.i18n._ 

/** 
* This controller creates an `Action` to handle HTTP requests to the 
* application's home page. 
*/ 
@Singleton 
class HomeController @Inject()(val messagesApi: MessagesApi) extends Controller with I18nSupport { 

    val todoForm = Form(
    mapping(
     "todo" -> text 
    )(TodoData.apply)(TodoData.unapply) 
) 

    /** 
    * Create an Action to render an HTML page. 
    * 
    * The configuration in the `routes` file means that this method 
    * will be called when the application receives a `GET` request with 
    * a path of `/`. 
    */ 
    def index = Action { implicit request => 
    Ok(views.html.index(todoForm)) 
    } 

    def add = Action { implicit request => 
    val errorFunction = { formWithErrors: Form[TodoData] => 
     // This is the bad case, where the form had validation errors. 
     // Let's show the user the form again, with the errors highlighted. 
     // Note how we pass the form with errors to the template. 
     BadRequest(views.html.index(formWithErrors)) 
    } 

    val successFunction = { data: TodoData => 
     // This is the good case, where the form was successfully parsed as a Data. 

     Redirect(routes.HomeController.index()).flashing("info" -> "Todo task added!") 
    } 

    val formValidationResult = todoForm.bindFromRequest 
    formValidationResult.fold(errorFunction, successFunction) 
    } 
} 

case class TodoData(todo: String) 

：

は私がプレイフォームフォームを変更しました