我们收到此错误
ActiveModel::MassAssignmentSecurity::Error in AuthenticationsController#create
Can't mass-assign protected attributes: token
在此之前,我们的令牌已到期,无法在我们的网络应用上发布,因此为了解决此问题,我们每次使用提供商进行身份验证时都会尝试更新令牌和机密属性。
以下是代码:
class AuthenticationsController < InheritedResources::Base
def create
omniauth = request.env['omniauth.auth']
authentication = Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid'])
if authentication
user = User.find(authentication.user_id)
user.update_attributes(:token => omniauth["credentials"]["token"])
user.update_attributes(:secret => omniauth["credentials"]["secret"])
flash[:success] = "Signed in successfully"
sign_in_and_redirect user
elsif current_user
#rest of the code here#
这是架构
create_table "authentications", :force => true do |t|
t.integer "user_id"
t.string "provider"
t.string "uid"
t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false
t.string "secret"
t.string "token"
end
create_table "users", :force => true do |t|
t.string "name"
t.string "email"
t.timestamp "created_at", :null => false
t.timestamp "updated_at", :null => false
t.string "password_digest"
t.string "remember_token"
end
这是身份验证模型
class Authentication < ActiveRecord::Base
belongs_to :user
attr_accessible :provider, :uid, :token, :secret
end
答案 0 :(得分:2)
您正在尝试将令牌和密码分配给用户模型,而不是为身份验证模型执行此操作。
authentication.update_attributes(:token => omniauth["credentials"]["token"], :secret => omniauth["credentials"]["secret"] )
应该有用。