如何在设备/ omniauth中删除授权时允许用户输入密码

时间:2012-04-26 00:57:46

标签: ruby-on-rails-3 devise omniauth

我有一个rais 3应用程序,它使用devise和omniauth允许用户通过他们的Twitter帐户和/或本地登录凭据注册/登录。一切正常,可以注册和登录。当用户选择在没有首先建立本地密码的情况下销毁他们的Twitter授权时,我的问题就出现了。如果用户破坏了他们的授权,那么我想将它们路由到new_password_path,以便他们可以为将来的登录选择密码。

这是控制器代码:

   class AuthenticationsController < ApplicationController
      before_filter :authenticate_user!, :except => [:create, :failure]

      def create
        omniauth = request.env["omniauth.auth"]
        authentication = Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid'])
        if authentication #existing user is logging-in with existing authentication service
          flash[:notice] = "Signed in successfully."
          set_home_location_cookies(authentication.user, authentication.user.home_lat, authentication.user.home_lng)
          sign_in(:user, authentication.user)
          redirect_to root_path
        elsif current_user #existing user who is already logged-in is creating a new authentication service for future use
          current_user.authentications.create!(:provider => omniauth['provider'], :uid => omniauth['uid'], :token => omniauth['credentials']['token'])
          current_user.update_posting_preferences(omniauth['provider'])
          flash[:notice] = "Successfully linked to your #{omniauth['provider'].titleize} account."
          redirect_to root_path
        else #new user is creating a new authentication service and logging in
          user = User.new
          user.apply_omniauth(omniauth)
          if user.save
            flash[:notice] = "Signed in successfully."
            sign_in(:user, user)
            redirect_to root_path
          else
            session[:omniauth] = omniauth.except('extra')
            session[:user_message] = {:success => false, :message => "userSaveError"}
            redirect_to new_user_registration_url
         end
        end
      end


      def failure
        flash[:alert] = "Could not authorize you from your social service."
        redirect_to root_path
      end

      def destroy
        @authentication = current_user.authentications.find(params[:id])
        current_user.update_posting_preferences(@authentication.provider)
        @authentication.destroy
        flash[:notice] = "You have successfully destroyed your link to your #{@authentication.provider.titleize} account."
        if current_user.authentications.empty? && current_user.encrypted_password.empty?
          sign_out
          flash[:alert] = "Alert: Your account does not currently have a password for account authorization.  You are in danger of losing your account unless you create a new password by using this form."
          redirect_to new_password_path(current_user) and return
        else
          redirect_back_or(root_path)
        end
      end

代码导致我的redirect_to new_password_path(current_user) and return命令触发“无法找到nil的有效映射”错误  enter image description here

我非常感谢帮助找出这个问题。

谢谢!

1 个答案:

答案 0 :(得分:1)

行。我会承认的。我从教程中实现了身份验证控制器,而没有研究设计路由,以了解幕后发生的事情。昨晚我查看了文档并找出了问题所在。有趣的是,上面的例程确实适用于较旧版本的设计,但不适用于设计1.5.3。

在destroy操作中,我签出了current_user,然后我尝试路由到发送“current_user”的new_password_path作为参数。毫不奇怪,在那一点上,“current_user”被淘汰了。所以,我得到了“找不到有效的nil映射”错误。这是我的简单修复:

  def destroy
    @authentication = current_user.authentications.find(params[:id])
    user = current_user
    current_user.update_posting_preferences(@authentication.provider)
    @authentication.destroy
    flash[:notice] = "You have successfully destroyed your link to your #{@authentication.provider.titleize} account."
    if current_user.authentications.empty? && current_user.encrypted_password.empty?
      sign_out
      flash[:alert] = "Alert: Your account does not currently have a password for account authorization.  You are in danger of losing your account unless you create a new password by using this form."
      redirect_to new_password_path(user) and return
    else
      redirect_back_or(root_path)
    end
  end