Rails + omniauth + facebook - csrf检测到 [英] Rails + omniauth + facebook - csrf detected

查看:402
本文介绍了Rails + omniauth + facebook - csrf检测到的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在通过现有的 facebook 帐户登录网站。所以我注册了一个Facebook应用程序,并在 development.rb 生产中存储 api 秘密 .rb 文件。然后我使用 omniauth-facebook gem + devise gem 来实现这一点。它工作完美。



顺便说一下,用户可以通过内部身份验证(由devise)或usig facebook帐户进行登录。



<不过有一个奇怪的问题。如果我登录到Facebook帐户,我注册了一个应用程序,它完美的只有



所以我注册了另一个没有在Rails应用程序中使用的应用程序并尝试登录的Facebook帐户。它导致错误发生错误,请稍后再试。 ... 无法验证您的Facebook帐户,因为Csrf检测到



我试图使用1.4.0 omniauth-facebook宝石而不是1.4.1一个,但它也引起错误必须通过代码参数或签名的请求(通过 signed_request 参数或 fbsr_XXX cookie)



宝石

  oauth2(0.8.0)
 omniauth(1.1.0)
 omniauth-oauth2 1.1.0)
 omniauth-facebook(1.4.1)
 warden(1.2.1)
 devise(2.1.2)

您的想法?

解决方案

我也有这个问题,原来我还在我的Facebook应用程序中启用了沙箱模式。听起来像这样也可能是你的问题:)



如果没有,你能否张贴任何相关的日志条目?


I'm working on logging in a site via existing facebook account. So I registered a facebook application and stored api and secret in development.rb and production.rb files. Then I used omniauth-facebook gem + devise gem to implement this. It works perfect.

By the way, an user can login either by internal authentication (by devise) or by usig facebook account.

However there is a weird issue. It works perfect only if I login into facebook account in that I registered an application.

So I registered another facebook account that didn't have an application used in my Rails application and tried to login. It caused an error "An error occurred. Please try again later." ... "Could not authenticate you from Facebook-Account because "Csrf detected""

I tried to use 1.4.0 omniauth-facebook gem instead of 1.4.1 one but it also caused an error "must pass either acodeparameter or a signed request (viasigned_requestparameter or afbsr_XXXcookie)"

Gems

oauth2 (0.8.0) 
omniauth (1.1.0) 
omniauth-oauth2 (1.1.0) 
omniauth-facebook (1.4.1) 
warden (1.2.1)
devise (2.1.2)

Your ideas?

解决方案

I had this issue as well, turns out I still had "sandbox" mode enabled in my Facebook application. Sounds like this may be your issue as well :)

If not, could you please post any related log entries?

这篇关于Rails + omniauth + facebook - csrf检测到的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆