这是一个非常奇怪的错误,我带领它24小时。它工作得很好,突然间它开始失败了。
问题: 当我想使用Facebook登录时,应用程序重定向到Facebook权限请求,返回,将更新保存在帐户模型(access_token和updated_at)中,但我被重定向到主页,但没有访问signed_in部分的权限。
我的筹码是: Rails4,Devise 3.0.0.rc,Omniauth,Omniauth-facebook 1.4.0。 该应用仅接受使用Facebook登录。
看看:
Omniauth控制器:account_signed_in? = true
class Accounts::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook
# You need to implement the method below in your model (e.g. app/models/user.rb)
@account = Account.find_for_facebook_oauth(request.env["omniauth.auth"], current_account)
if @account.persisted?
sign_in_and_redirect @account, :event => :authentication #this will throw if @user is not activated
puts account_signed_in? # <-- true
set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
else
session["devise.facebook_data"] = request.env["omniauth.auth"]
redirect_to new_account_registration_url
end
end
ApplicationController :account_signed_in? = true
class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
private
def stored_location_for(resource_or_scope)
nil
end
def after_sign_in_path_for(resource_or_scope)
puts account_signed_in? # <-- true
current_account.pages.empty? ? new_page_path : pages_path
end
StaticController (主页)account_signed_in? = false
class StaticController < ApplicationController
def home
puts account_signed_in? # <- false
render layout: 'home'
end
我不知道是否会有某些因素影响Devise和Rails之间正常的会话流程。
答案 0 :(得分:1)
找到了!
由于session_store.rb中的domain参数,会话未被保存:
BrainedPage::Application.config.session_store :cookie_store,
key: '_my_session', :domain => Rails.configuration.domain
似乎我在开发环境中更改了域配置(添加了端口,因为我也将此var用于其他建议),并且我没有意识到它可能产生的影响。