当尝试使用Omniauth进行身份验证时,它在我的开发环境(Mac OSX Mavericks)中完美运行,但在生产中大部分时间都失败了(在Heroku上)。 “无效凭据”和“连接失败”之间的错误不同。在所有情况下,我都已登录到我的Google帐户。在进程成功之前,我可能会在4到8次之间得到这些错误中的一个或另一个。
有没有人看到这个,你能否解释为什么会发生这种情况?
宝石:oa_openid(0.3.2)
配置/ routes.rb中:
...
resource :admin_session, only: %w(show create destroy)
match '/auth/googleapps/callback' => 'admin_sessions#create'
...
配置/ omniauth.rb:
require 'openid/store/filesystem'
Rails.application.config.middleware.use OmniAuth::Strategies::GoogleApps,
OpenID::Store::Filesystem.new('./tmp'),
name: 'googleapps', domain: 'booktrakr.com'
admin_sessions_controller:
class AdminSessionsController < ApplicationController
# GET /admin_sessions
def show
redirect_to "/auth/googleapps?origin=#{params[:origin] || request.fullpath}" and return unless is_admin?
@session = authenticated_admin
end
# POST /admin_sessions
def create
authinfo = request.env['omniauth.auth']
uid = authinfo['uid']
unless uid =~ %r(^https?://(groundbreakingsoftware|booktrakr).com/openid)
raise "Bad hacker, no cookie"
end
self.authenticated_admin = authinfo
redirect_to request.env['omniauth.origin'], notice: 'Session was successfully created.'
end
# DELETE /admin_sessions
def destroy
self.authenticated_admin = nil
redirect_to root_url
end
end
答案 0 :(得分:0)
似乎切换到OAuth2(https://github.com/zquestz/omniauth-google-oauth2)解决了这个问题,至少乍一看。谢谢,@ Ashitaka!