I am a RoR beginner, and I am trying to implement basic Google OpenID authentication (using omniauth-openid) in my RoR app. Here are some code snippets:
sessions_controller.rb:
class SessionsController < ApplicationController
  def create
    user = User.from_omniauth(env["omniauth.auth"])
    session[:user_id] = user.id
    session[:my] = 'some'
    puts "Session[:user_id] = ", session[:user_id]
    puts "Session[:my] = ", session[:my]
    redirect_to root_url
  end
end
Routes:
PhotoBucket::Application.routes.draw do
  get "welcome/index"
  match 'auth/:provider/callback', to: 'sessions#create', via: [:get, :post]
  match 'auth/failure', to: redirect('/'), via: [:get, :post]
  match 'signout', to: 'sessions#destroy', as: 'signout', via: [:get, :post]
end
Application controller:
class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery

  private

  def current_user
    @current_user = User.find(session[:user_id])
  end
  helper_method :current_user
end
Template:
<div id="user-widget">
  <%= current_user %>
</div>
Here is what the log looks like when someone signs in to the site:
Started GET "/auth/google" for 127.0.0.1 at 2014-04-07 00:44:25 +0530
(google) Request phase initiated.
I, [2014-04-07T00:44:25.150729 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/id without verifying server certificate; no CA path was specified.
I, [2014-04-07T00:44:25.692758 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/ud without verifying server certificate; no CA path was specified.
I, [2014-04-07T00:44:26.192769 #2047] INFO -- OpenID: Generated checkid_setup request to https://www.google.com/accounts/o8/ud using stateless mode.
Started GET "/auth/google/callback?_method=post&<some_secrets>" for 127.0.0.1 at 2014-04-07 00:44:30 +0530
(google) Callback phase initiated.
I, [2014-04-07T00:44:30.588217 #2047] INFO -- OpenID: Error attempting to use stored discovery information: OpenID::TypeURIMismatch
I, [2014-04-07T00:44:30.588282 #2047] INFO -- OpenID: Attempting discovery to verify endpoint
I, [2014-04-07T00:44:30.588308 #2047] INFO -- OpenID: Performing discovery on https://www.google.com/accounts/o8/id?id=AItOawkBno-m7mK0IH6jWkV1hl2xQtNLce1VdXI
I, [2014-04-07T00:44:30.588624 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/id?id=AItOawkBno-m7mK0IH6jWkV1hl2xQtNLce1VdXI without verifying server certificate; no CA path was specified.
I, [2014-04-07T00:44:31.080153 #2047] INFO -- OpenID: Using 'check_authentication' with https://www.google.com/accounts/o8/ud
I, [2014-04-07T00:44:31.081077 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/ud without verifying server certificate; no CA path was specified.
Processing by SessionsController#create as HTML
Parameters: {"provider"=>"google"}
Can't verify CSRF token authenticity
User Load (0.2ms) SELECT "users".* FROM "users" WHERE "users"."provider" = 'google' AND "users"."uid" = 'https://www.google.com/accounts/o8/id?id=AItOawkBno-m7mK0IH6jWkV1hl2xQtNLce1VdXI' ORDER BY "users"."id" ASC LIMIT 1
(0.1ms) begin transaction
(0.1ms) commit transaction
Session[:user_id] =
1
Session[:my] =
some
Redirected to http://0.0.0.0:3000/
Completed 302 Found in 77ms (ActiveRecord: 1.0ms)
Started GET "/" for 127.0.0.1 at 2014-04-07 00:44:31 +0530
Processing by WelcomeController#index as HTML
Rendered welcome/index.html.erb within layouts/application (0.1ms)
Completed 500 Internal Server Error in 5ms
ActiveRecord::RecordNotFound (Couldn't find User without an ID):
app/controllers/application_controller.rb:8:in `current_user'
app/views/layouts/application.html.erb:12:in `_app_views_layouts_application_html_erb__87755315857576517_2161879520'
Rendered /Users/aneeshdogra/.rvm/gems/ruby-2.1.0/gems/actionpack-4.0.2/lib/action_dispatch/middleware/templates/rescues/_source.erb (0.7ms)
Rendered /Users/aneeshdogra/.rvm/gems/ruby-2.1.0/gems/actionpack-4.0.2/lib/action_dispatch/middleware/templates/rescues/_trace.erb (1.4ms)
Rendered /Users/aneeshdogra/.rvm/gems/ruby-2.1.0/gems/actionpack-4.0.2/lib/action_dispatch/middleware/templates/rescues/_request_and_response.erb (1.2ms)
Rendered /Users/aneeshdogra/.rvm/gems/ruby-2.1.0/gems/actionpack-4.0.2/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (16.0ms)
So basically, the session variables set in the sessions controller are not accessible in the application controller.
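
The log above carries two security-relevant messages: OpenID fetches made without certificate verification, and a failed CSRF check on the callback request that writes the session. As an added example (not part of the original post), this Ruby script groups a Rails development log by request and flags both; the sample log is constructed by abridging the one above, and `parse_requests` and `findings` are hypothetical helper names.

```ruby
# Added example: triage a Rails development log, request by request.
# SAMPLE_LOG is constructed (abridged from the log in the question).
SAMPLE_LOG = <<~LOG
  Started GET "/auth/google" for 127.0.0.1 at 2014-04-07 00:44:25 +0530
  I, [2014-04-07T00:44:25.150729 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/id without verifying server certificate; no CA path was specified.
  Started GET "/auth/google/callback?_method=post" for 127.0.0.1 at 2014-04-07 00:44:30 +0530
  I, [2014-04-07T00:44:31.081077 #2047] INFO -- OpenID: WARNING: making https request to https://www.google.com/accounts/o8/ud without verifying server certificate; no CA path was specified.
  Processing by SessionsController#create as HTML
  Can't verify CSRF token authenticity
  Completed 302 Found in 77ms (ActiveRecord: 1.0ms)
  Started GET "/" for 127.0.0.1 at 2014-04-07 00:44:31 +0530
  Processing by WelcomeController#index as HTML
  Completed 500 Internal Server Error in 5ms
LOG

Request = Struct.new(:verb, :path, :action, :status, :csrf_failed, :unverified_tls)

# Split the log on "Started ..." lines and collect per-request signals.
def parse_requests(log)
  log.each_line.with_object([]) do |line, reqs|
    if (m = line.match(/^Started (\w+) "([^"]+)"/))
      # Drop the query string: the callback URL carries the OpenID response.
      reqs << Request.new(m[1], m[2].split("?").first, nil, nil, false, 0)
      next
    end
    cur = reqs.last
    next unless cur
    case line
    when /Processing by (\S+) as/ then cur.action = $1
    when /Can't verify CSRF token authenticity/ then cur.csrf_failed = true
    when /without verifying server certificate/ then cur.unverified_tls += 1
    when /^Completed (\d{3})/ then cur.status = $1.to_i
    end
  end
end

# Turn the parsed requests into human-readable findings.
def findings(requests)
  requests.each_with_index.flat_map do |r, i|
    out = []
    out << "#{r.verb} #{r.path}: #{r.unverified_tls} OpenID fetch(es) without certificate verification" if r.unverified_tls > 0
    if r.csrf_failed
      out << "#{r.action}: CSRF check failed; check whether session writes from this request persist"
      nxt = requests[i + 1]
      out << "  following request #{nxt.path} returned #{nxt.status}" if nxt && nxt.status.to_i >= 500
    end
    out
  end
end

puts findings(parse_requests(SAMPLE_LOG)) if __FILE__ == $0
```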