Omniauth-identity InvalidAuthenticityToken

Time: 2015-08-22 10:53:17

Tags: ruby-on-rails omniauth

I followed this Railscasts tutorial on how to implement Omniauth-identity, but I ran into a roadblock.

When I try to register a user, the following error pops up:

ActionController::InvalidAuthenticityToken in SessionsController#create 

The following error shows up in the console log:

Processing by SessionsController#create as HTML
  Parameters: {"name"=>"asdasd asdasd", "email"=>"asd@yopmail.com", "password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]", "provider"=>"identity"}
Can't verify CSRF token authenticity

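The user is inserted into the Identity model without any problem, but when the application tries to create the session, it all goes to waste.

Here is the relevant code I'm using:

Gemfile

# OpenID authentication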

gem 'bcrypt-ruby', '~> 3.1.2'

gem 'omniauth-facebook'
gem 'omniauth-twitter'
gem 'omniauth-google-oauth2'
gem 'omniauth-identity'

initializers/omniauth.rb

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_SECRET']
    provider :twitter, ENV['TWITTER_KEY'], ENV['TWITTER_SECRET']
    provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
    provider :identity
end

Routes

  get 'auth/:provider/callback', to: 'sessions#create'
  post 'auth/:provider/callback', to: 'sessions#create'
  get 'auth/failure', to: redirect('/')
  get 'signout', to: 'sessions#destroy', as: 'signout'

SessionsController

def create
    user = User.from_omniauth(env['omniauth.auth'])
    session[:user_id] = user.id
    redirect_to root_url, notice: "Signed In!"
end

User model

def self.from_omniauth(auth)
    find_by_provider_and_uid(auth["provider"], auth["uid"]) || create_with_omniauth(auth)
end

1 Answer:

Answer 0 (score: 3)

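The InvalidAuthenticityToken error is raised when Rails checks the CSRF token. You can disable CSRF protection on the controller by skipping the CSRF verification with skip_before_action, added at the top of your SessionsController.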

But you must be careful and read everything about CSRF protection.
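
A simplified model of the check that rejects this request, as an added example that is not part of the original question or answer and is not Rails' own code. The `CsrfGuard` class, its `skip_for` option and the sample requests are constructed for illustration; it shows that the callback POST from the log carries no `authenticity_token`, and that exempting only `create` leaves other actions checked.

```ruby
require "securerandom"

# Simplified model of a per-session CSRF check. Not Rails' implementation:
# Rails also masks the token per request and accepts an X-CSRF-Token header.
class CsrfGuard
  SAFE_METHODS = %w[GET HEAD].freeze

  # skip_for: hypothetical option standing in for
  # `skip_before_action ..., only: [...]` on a controller.
  def initialize(skip_for: [])
    @skip_for = skip_for.map(&:to_s)
  end

  # Token an application-rendered form would embed as authenticity_token.
  def token_for(session)
    session[:_csrf_token] ||= SecureRandom.base64(32)
  end

  # Returns :ok, or the reason the request is rejected.
  def check(action:, method:, session:, params:)
    return :ok if SAFE_METHODS.include?(method) || @skip_for.include?(action.to_s)
    sent = params["authenticity_token"]
    real = session[:_csrf_token]
    return :missing_token if sent.nil? || real.nil?
    secure_equal?(sent, real) ? :ok : :token_mismatch
  end

  private
  # Comparison that does not stop at the first differing byte.
  def secure_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
  end
end

# Constructed request modelled on the log above: the identity POST reaches
# sessions#create with no authenticity_token parameter.
CALLBACK = { "name" => "asdasd asdasd", "email" => "asd@yopmail.com",
             "provider" => "identity" }.freeze

def demo
  session = {}
  strict = CsrfGuard.new
  scoped = CsrfGuard.new(skip_for: [:create])
  token = strict.token_for(session)
  post = ->(g, a, prm) { g.check(action: a, method: "POST", session: session, params: prm) }
  { callback_strict: post.(strict, :create, CALLBACK),
    callback_scoped: post.(scoped, :create, CALLBACK),
    other_action_scoped: post.(scoped, :update, {}),
    app_form: post.(strict, :create, { "authenticity_token" => token }),
    forged: post.(strict, :create, { "authenticity_token" => "x" * token.size }) }
end
```

With the check skipped for `create`, that action should keep building the session only from `env['omniauth.auth']`, as the controller above does, rather than from raw request parameters.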