我正在使用Omniauth作为我登录Rails应用程序的唯一方法。
问题是:当用户点击“Logout”时,页面会重新加载并且Logout链接仍然存在(尽管user_signed_in?逻辑包装它)。这让我相信用户实际上没有登出
这是我的 index.html.erb :
<% if user_signed_in? %>
<%= link_to "Authenticate with Google", user_omniauth_authorize_path(:google_oauth2) %>
<% else %>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% end %>
我的 user.rb
def self.from_omniauth(auth)
if user = User.find_by_email(auth.info.email)
user.provider = auth.provider
user.uid = auth.uid
user
else
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
user.email = auth.info.email # THIS (user.email) value i want to provide to my registration form as default value
end
end
end
我的 omniauth_callbacks_controller.rb :
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
skip_before_filter :redirect_to_login_if_required
def google_oauth2
@user = User.from_omniauth(request.env["omniauth.auth"])
if @user.persisted?
sign_in_and_redirect @user, :event => :authentication
return
else
session["devise.user_attributes"] = @user.attributes
redirect_to new_user_registration_path
end
end
end
我的 routes.rb :
devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }
不幸的是,它没有给我带来错误。它只是刷新索引页面,好像什么也没发生。
编辑:当我点击退出
时,这是POSTStarted DELETE "/users/sign_out" for ::1 at 2015-07-06 11:00:22 -0400
Processing by Devise::SessionsController#destroy as HTML
Parameters: {"authenticity_token"=>"7QXScU8eVW6NVedKG5P86rPxkaP8uJdUzyJ712ZrYXtK7QjP/m33eQ2WE/ituUvFQ2GeenXLRBaiVibxEjHG6w=="}
Redirected to http://localhost:3000/
Filter chain halted as :verify_signed_out_user rendered or redirected
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
编辑2:我已将其包含在我的application_controller.rb中
before_action :authenticate_user!
现在我在控制台中收到的错误信息是:
Started GET "/users/auth/google_oauth2/callback?state=c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130&code=4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg" for ::1 at 2015-07-06 16:12:14 -0400
I, [2015-07-06T16:12:14.739138 #2442] INFO -- omniauth: (google_oauth2) Callback phase initiated.
Processing by OmniauthCallbacksController#google_oauth2 as HTML
Parameters: {"state"=>"c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130", "code"=>"4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1 [["email", "broy@gmail.com"]]
(0.1ms) begin transaction
SQL (0.4ms) UPDATE "users" SET "last_sign_in_at" = ?, "current_sign_in_at" = ?, "sign_in_count" = ?, "updated_at" = ? WHERE "users"."id" = ? [["last_sign_in_at", "2015-07-06 20:11:47.636852"], ["current_sign_in_at", "2015-07-06 20:12:15.365770"], ["sign_in_count", 42], ["updated_at", "2015-07-06 20:12:15.366734"], ["id", 4]]
(1.4ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 15ms (ActiveRecord: 2.1ms)
Started GET "/" for ::1 at 2015-07-06 16:12:15 -0400
Processing by ProductlinesController#index as HTML
Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
答案 0 :(得分:2)
我建议将if切换为除非,因此它会在用户登录时显示注销链接。
<% unless user_signed_in? %>
<%= link_to "Authenticate with Google", user_omniauth_authorize_path(:google_oauth2) %>
<% else %>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% end %>
使用设计时,显示更正链接的另一种方法是:
<%unless current_user.blank? -%>
<%= link_to "Authenticate with Google", user_omniauth_authorize_path(:google_oauth2) %>
<%else -%>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<%end-%>
答案 1 :(得分:2)
您发布的 日志 ,
过滤链停止为:verify_signed_out_user呈现或重定向
这就是您遇到问题的原因。
将skip_before_filter :verify_signed_out_user
添加到控制器应该可以解决问题。
<强> 更新 强>
您需要将 index.html.erb 中的代码更改为以下
<% if user_signed_in? %>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% else %>
<%= link_to "Authenticate with Google", user_omniauth_authorize_path(:google_oauth2) %>
<% end %>
来源: Devise Wiki