I am getting a (facebook) Authentication failure! error - omniauth: (facebook) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected Processing by Members::OmniauthCallbacksController#failure as HTML

class Members::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    @user = Member.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
    if @user.persisted?
      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      # The Devise scope in routes.rb is :members, so the helper is new_member_registration_url
      redirect_to new_member_registration_url
    end
  end
end

class Member < ActiveRecord::Base
  devise :omniauthable, :database_authenticatable, :confirmable, :registerable, :recoverable, :rememberable, :trackable, :validatable
  validates :lastName, :presence => true

  def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
    user = Member.where(:provider => auth.provider, :uid => auth.uid).first
    if user
      return user
    else
      registered_user = Member.where(:email => auth.info.email).first
      if registered_user
        return registered_user
      else
        user = Member.create(name:auth.extra.raw_info.name,
                             provider:auth.provider,
                             uid:auth.uid,
                             email:auth.info.email,
                             password:Devise.friendly_token[0,20],
                            )
      end
    end
  end
end

TestDevice::Application.routes.draw do
  devise_for :members, :controllers => { :omniauth_callbacks => "members/omniauth_callbacks", :sessions => "members/sessions", :passwords => "members/passwords", :registrations => "members/registrations" }
  root "home#index"
  get "boot/new"
  get "boot/show"
  devise_scope :members do
  end
end

-if member_signed_in?
  %h3.text-center.page-header
    You have successfully signed in
  =link_to "Sign Out", destroy_member_session_path, :method => :delete, :class => "btn btn-primary"
-else
  %h1.text-center.page-header
    Welcome to rails community
  %div.text-center
    =link_to "Sign In", new_member_session_path, :method => :get, :class => "btn btn-primary"
    |
    =link_to "Sign up", new_member_registration_path, :method => :get, :class => "btn btn-primary"
    |
    =link_to "Sign in with Facebook", member_omniauth_callback_path(:facebook), :class => "btn btn-primary"

require "omniauth-facebook"
config.omniauth :facebook, "**********", "****************"
Started GET "/members/auth/facebook/callback" for 127.0.0.1 at 2014-02-13 09:53:12 +0500
I, [2014-02-13T09:53:12.166717 #74319] INFO -- omniauth: (facebook) Callback phase initiated.
E, [2014-02-13T09:53:12.168392 #74319] ERROR -- omniauth: (facebook) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected
Processing by Members::OmniauthCallbacksController#failure as HTML
Redirected to http://localhost:3000/members/sign_in
Completed 302 Found in 2ms (ActiveRecord: 0.0ms)

I don't understand what this means? I only have the config/initializers/devise.rb file and not this file config/initializers/omniauth.rb.

Answer 0: (score: 0)
You must make sure that your Facebook app is set to public view.
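
The csrf_detected error in the question's log comes from the OAuth2 state check, modelled below in simplified form; the second scenario corresponds to the posted log, where the first request is already the callback. This is an added example, not code from the post or from OmniAuth, and the module name, method names and scenario values are assumptions.

```ruby
require "securerandom"

# Simplified model of the OAuth2 "state" check. Names are hypothetical;
# this is not OmniAuth's implementation.
module StateCheckModel
  KEY = "omniauth.state"

  # Request phase: store a random state in the session; the same value is
  # sent to the provider in the authorize URL.
  def self.request_phase(session)
    session[KEY] = SecureRandom.hex(24)
  end

  # Callback phase: the state echoed by the provider must equal the stored
  # one. The stored value is deleted, so each state is single-use.
  def self.callback_phase(session, params)
    expected = session.delete(KEY).to_s
    received = params["state"].to_s
    return :csrf_detected if expected.empty? || received.empty?
    secure_compare(expected, received) ? :ok : :csrf_detected
  end

  # Constant-time comparison of two strings.
  def self.secure_compare(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |diff, (x, y)| diff | (x ^ y) }.zero?
  end
end

# Constructed scenarios, each run against its own session hash.
def run_scenarios
  m = StateCheckModel
  out = {}
  s = {} # 1. request phase first, then the provider echoes the state back
  out[:normal] = m.callback_phase(s, "state" => m.request_phase(s))
  # 2. callback URL requested directly: no state in the session or the params
  out[:direct_callback] = m.callback_phase({}, {})
  s = {} # 3. callback carries a state that was never issued to this session
  m.request_phase(s)
  out[:forged] = m.callback_phase(s, "state" => "constructed-forged-state")
  s = {} # 4. the same state presented a second time
  state = m.request_phase(s)
  m.callback_phase(s, "state" => state)
  out[:replay] = m.callback_phase(s, "state" => state)
  out
end

p run_scenarios if $PROGRAM_NAME == __FILE__
```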