Rails：ActiveModel :: ForbiddenAttributesError [英] Rails: ActiveModel::ForbiddenAttributesError

查看：328 发布时间：2017/10/19 22:02:24 ruby-on-rails ruby facebook

本文介绍了Rails：ActiveModel :: ForbiddenAttributesError的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在尝试使用OmniAuth将Facebook与我的网站整合，我想我在这里收到一些错误。现在当我点击使用Facebook登录它确实带给我的Facebook，但是很快，当我登录时，我收到一个错误说 ActiveModel :: ForbiddenAttributesError 。此外，我认为可能有一个问题我的路线，但我不知道。

此外，我遵循这个RailsCasts教程： http://railscasts.com/episodes/360-facebook-authentication?autoplay=true

编辑：错误在这一行这里，其中（auth.slice（：provider，：uid））。first_or_initialize.tap do | user |

omniauth.rb

  OmniAuth.config.logger = Rails.logger 
 
 Rails.application.config .middleware.use OmniAuth :: Builder做
提供者：facebook，ENV ['FACEBOOK_APP_ID']，ENV ['FACEBOOK_SECRET'] 
 end 
   def self.from_omniauth（auth）
其中（auth.slice（：provider，：uid））。first_or_initialize.tap do | user | 
 user.provider = auth.provider 
 user.uid = auth.uid 
 user.name = auth.info.name 
 user.oauth_token = auth.credentials.token 
 user.oauth_expires_at = Time.at（auth.credentials.expires_at）
 user.save！ 
 end 
 end 
 end

routes.rb

  Rails.application.routes.draw do 
 
 get'auth /：provider / callback'，to：' session＃create'
 get'auth / failure'，（'/ posts / index'）
 get'signout'，to：'sessions＃destroy'，as：'signout'
 
资源：欢迎
资源：帖子
 
 rootwelcome＃index

sessions_controller.rb

  class SessionsController< ApplicationController 
 def create 
 user = User.from_omniauth（env [omniauth.auth]）
会话[：user_id] = user.id 
 redirect_to root_url 
 end 
 
 def destroy 
 session [：user_id] = nil 
 redirect_to root_url 
 end 
 end

application_controller.rb

  class ApplicationController< ActionController :: Base 
＃通过引发异常来防止CSRF攻击。 
＃对于API，您可能需要使用：null_session。 
 protect_from_forgery with：：exception 
 
 private 
 
 def current_user 
 @current_user || = User.find（session [：user_id]）if session [ ：user_id] 
 end 
 helper_method：current_user 
 end

X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- 20045 X- ActiveRecord :: Base
def self.from_omniauth（auth）
其中（provider：auth.provider，uid：auth.uid）.first_or_initialize do | user |
user.provider = auth.provider
user.uid = auth.uid
user.name = auth.info.name
user.oauth_token = auth.credentials.token
user.oauth_expires_at = Time.at（auth.credentials.expires_at）
user.save！
end
end
end

I'm trying to use OmniAuth to integrate Facebook with my website, and I think I'm getting a few errors here. Right now when I click "Sign in with Facebook" it does bring me to Facebook, but soon as I sign in I get an error saying ActiveModel::ForbiddenAttributesError. Also, I think there might be an issue my routes as well but I'm not sure.

Also, I followed this RailsCasts tutorial: http://railscasts.com/episodes/360-facebook-authentication?autoplay=true

Edit: The error is on this line here, where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|

omniauth.rb

OmniAuth.config.logger = Rails.logger

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_SECRET']
end

user.rb

class User < ActiveRecord::Base
  def self.from_omniauth(auth)
    where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
      user.provider = auth.provider
      user.uid = auth.uid
      user.name = auth.info.name
      user.oauth_token = auth.credentials.token
      user.oauth_expires_at = Time.at(auth.credentials.expires_at)
      user.save!
    end
  end
end

routes.rb

Rails.application.routes.draw do

  get 'auth/:provider/callback', to: 'sessions#create'
  get 'auth/failure',  ('/posts/index')
  get 'signout', to: 'sessions#destroy', as: 'signout'

  resources :welcome
  resources :posts

  root "welcome#index"

sessions_controller.rb

class SessionsController < ApplicationController
  def create
    user = User.from_omniauth(env["omniauth.auth"])
    session[:user_id] = user.id
    redirect_to root_url
  end

  def destroy
    session[:user_id] = nil
    redirect_to root_url
  end
end

application_controller.rb

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  private

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user
end

解决方案

Modify your finder like so:

class User < ActiveRecord::Base
  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_initialize do |user|
      user.provider = auth.provider
      user.uid = auth.uid
      user.name = auth.info.name
      user.oauth_token = auth.credentials.token
      user.oauth_expires_at = Time.at(auth.credentials.expires_at)
      user.save!
    end
  end
end

这篇关于Rails：ActiveModel :: ForbiddenAttributesError的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

Rails：ActiveModel :: ForbiddenAttributesError [英] Rails: ActiveModel::ForbiddenAttributesError

问题描述

相关文章

其他开发最新文章

热门教程

热门工具

登录关闭

Rails：ActiveModel :: ForbiddenAttributesError [英] Rails: ActiveModel::ForbiddenAttributesError

问题描述

相关文章

其他开发最新文章

热门教程

热门工具

登录 关闭

登录关闭