Rails:ActiveModel :: ForbiddenAttributesError

时间:2015-02-19 23:35:43

标签: ruby-on-rails ruby facebook

我试图使用OmniAuth将Facebook与我的网站集成,我想我在这里得到了一些错误。现在,当我点击"用Facebook登录"它确实把我带到了Facebook,但是当我登录时,我收到一条错误ActiveModel::ForbiddenAttributesError。此外,我认为我的路线也可能存在问题,但我不确定。

另外,我遵循了这个RailsCasts教程:http://railscasts.com/episodes/360-facebook-authentication?autoplay=true

编辑:错误在此处,where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|

omniauth.rb 

OmniAuth.config.logger = Rails.logger

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_SECRET']
end

user.rb 

class User < ActiveRecord::Base
  def self.from_omniauth(auth)
    where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
      user.provider = auth.provider
      user.uid = auth.uid
      user.name = auth.info.name
      user.oauth_token = auth.credentials.token
      user.oauth_expires_at = Time.at(auth.credentials.expires_at)
      user.save!
    end
  end
end

的routes.rb 

Rails.application.routes.draw do

  get 'auth/:provider/callback', to: 'sessions#create'
  get 'auth/failure',  ('/posts/index')
  get 'signout', to: 'sessions#destroy', as: 'signout'

  resources :welcome
  resources :posts

  root "welcome#index"

sessions_controller.rb 

class SessionsController < ApplicationController
  def create
    user = User.from_omniauth(env["omniauth.auth"])
    session[:user_id] = user.id
    redirect_to root_url
  end

  def destroy
    session[:user_id] = nil
    redirect_to root_url
  end
end

application_controller.rb 

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  private

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end
  helper_method :current_user
end

1 个答案:

答案 0 :(得分:4)

像这样修改您的查找器:

class User < ActiveRecord::Base
  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_initialize do |user|
      user.provider = auth.provider
      user.uid = auth.uid
      user.name = auth.info.name
      user.oauth_token = auth.credentials.token
      user.oauth_expires_at = Time.at(auth.credentials.expires_at)
      user.save!
    end
  end
end
相关问题
最新问题