设计和 OmniAuth 记住 OAuth [英] Devise and OmniAuth remembering OAuth

问题描述

所以，我刚刚通过 https:/使用 Rails 3、Devise 和 OmniAuth 进行设置/github.com/plataformatec/devise/wiki/OmniAuth:-概览.

我通过 Facebook 成功验证了用户身份，但尽管被标记为:

I'm successfully authenticating users via Facebook, but they are not "rememberable" despite being marked with:

devise [...]: rememberable, :omniauthable

我试着打电话:

@the_user.remember_me!

……无济于事.没有存储/设置 cookie，这意味着用户不会跨会话持续存在.

...to no avail. No cookie is being stored/set which means the user does not persist across sessions.

有没有人设法通过 cookie 记住来自 FB 的用户?在我看来，这应该是自动发生的.

Has anybody managed to get a user sourced from FB remembered via cookies? In my mind, this should be happening automatically.

感谢你们的任何想法或反馈.

Thanks for any ideas or feedback you guys might have.

推荐答案

我同意您希望 Devise 在请求进入 FB 之前设置会话.我猜这是 Devise 缺少的功能.

I agree that you would expect Devise to set a session before the request goes to FB. I guess this is a missing feature of Devise.

我自己在使用 token_authenticable 时遇到了问题.一个 api 客户端直接调用以下网址:

I had the problem myself where I used token_authenticatable. An api client was calling the following url directly:

/users/auth/facebook?auth_token=TnMn7pjfADapMdsafOFIHKgJVgrBEbjKqrubwMXUca0n16m3Hzr7CnrP1s4z

因为我使用的是 token_authenticable，所以我假设这会登录用户.不幸的是，这不是开箱即用的.要使其正常工作，您必须做的是确保用户在到达此路径之前已登录.您可以通过其他方式实现，但最简单的方法是为 API 客户端提供不同的 url(在本例中为users/connect/facebook".这是我对路由文件的补充，使其工作(假设您有带有设计的用户模型并且您没有更改默认值):

Since I was using token_authenticatable i was assuming this would sign in the user. Unfortunately this doesn't work out of the box. What you have to do to get this working is making sure that the user is logged in before it gets to this path. You can do it in other ways, but the easiest way is to give a different url to the API client (in this case "users/connect/facebook". Here is my addition to the routes file that makes it work (assuming you have a user model with devise and you didn't change defaults):

authenticate :user do
  get 'users/connect/:network', :to => redirect("/users/auth/%{network}")
end

这将确保会话被正确创建，以便用户从 Facebook 返回时被识别.

This will make sure the session is correctly created so the user is being recognized when he/she returns from facebook.

这篇关于设计和 OmniAuth 记住 OAuth的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！