OmniAuth Oauth2不会将Instagram用户帐户持久保存到用户模型(设计)

时间:2015-09-25 13:55:29

标签: ruby-on-rails devise oauth-2.0 omniauth instagram-api

我正在使用与Devise gem配对的Omniauth gem进行用户身份验证(这里是wiki。我选择了Oauth2策略在我的应用中验证Instagram用户。

我的问题是通过Instagram身份验证登录的用户不会持久保存到我的用户模型。在使用Instagram进行身份验证后,他们将被重定向到新的用户注册路径 localhost:3000 / users / sign_up

控制器/用户/ omniauth_callbacks_controller.rb 

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def instagram
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.from_omniauth(request.env["omniauth.auth"])
    if @user.persisted?

      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "Instagram") if is_navigational_format?
    else
      session["devise.instagram_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end

模型/ user.rb 

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable

  devise :omniauthable, :omniauth_providers => [:instagram]

  def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
    user.email = auth.info.email
    user.password = Devise.friendly_token[0,20]
    # user.name = auth.info.name   # assuming the user model has a name
    # user.image = auth.info.image # assuming the user model has an image
  end
end

def self.new_with_session(params, session)
    super.tap do |user|
      if data = session["devise.instagram_data"] && session["devise.instagram_data"]["extra"]["raw_info"]
        user.email = data["email"] if user.email.blank?
      end
    end
end

end

用户表格包含相应的列(provideruid

  create_table "users", force: :cascade do |t|
    t.string   "email",                  default: "", null: false
    t.string   "encrypted_password",     default: "", null: false
    t.string   "reset_password_token"
    t.datetime "reset_password_sent_at"
    t.datetime "remember_created_at"
    t.integer  "sign_in_count",          default: 0,  null: false
    t.datetime "current_sign_in_at"
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
    t.datetime "created_at"
    t.datetime "updated_at"
    t.string   "provider"
    t.string   "uid"
  end

最后,这是通过Instagram身份验证登录时的输出

Started GET "/users/auth/instagram" for ::1 at 2015-09-25 09:57:54 -0400
I, [2015-09-25T09:57:54.577637 #7451]  INFO -- omniauth: (instagram) Request phase initiated.


Started GET "/users/auth/instagram" for ::1 at 2015-09-25 09:57:54 -0400
I, [2015-09-25T09:57:54.655615 #7451]  INFO -- omniauth: (instagram) Request phase initiated.


Started GET "/users/auth/instagram/callback?code=SOME_CODE&state=SOME_STATE" for ::1 at 2015-09-25 09:57:54 -0400
I, [2015-09-25T09:57:54.811861 #7451]  INFO -- omniauth: (instagram) Callback phase initiated.
Processing by Users::OmniauthCallbacksController#instagram as HTML
  Parameters: {"code"=>"SOME_CODE", "state"=>"SOME_STATE"}
  User Load (0.2ms)  SELECT  "users".* FROM "users" WHERE "users"."provider" = ? AND "users"."uid" = ?  ORDER BY "users"."id" ASC LIMIT 1  [["provider", "instagram"], ["uid", "343664764"]]
   (0.1ms)  begin transaction
   (0.1ms)  rollback transaction
Redirected to http://localhost:3000/users/sign_up

1 个答案:

答案 0 :(得分:2)

深入研究代码后,添加调试器断点以跟踪从视图到控制器到模型和返回控制器的数据流,我意识到我的问题是Instagram API不提供特定用户的电子邮件。由于Devise默认需要电子邮件,而我在电子邮件user.email = auth.info.email中分配了空白值,因此保存从未完成,我将被重定向到新的用户注册路径new_user_registration_url

我如何调试

首先,我需要一条错误消息才能真正看出问题所在。所以,我加了一个“!”在save!类方法中from_omniauth后。

def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
    user.email = auth.info.email
    user.password = Devise.friendly_token[0,20]
    user.save! 
  end
end

使用save!,验证始终运行,如果我遇到任何失败,则会引发ActiveRecord::ActiveRecordError。 然后,错误消息指出电子邮件字段不能为空。

所以现在我实际上有更多的信息可以使用。我的解决方法并不好,我不建议 - 但它解决了问题。

解决方法

我的解决方案是为每个通过Instagram注册的用户创建一个虚拟电子邮件。在我的from_omniauth方法中,我将用户电子邮件字段分配给nickname(从instagram身份验证返回)字段和通用“@ example.com”的串联:

user.email = auth.info.nickname + "@example.com"

这不是一个可持续的解决方案,因为您最终会为每个注册Instagram的人发送错误的电子邮件(忘记通过Action Mailer向他们发送电子邮件)。

我还没有实现(但愿意)的更好的解决方案是将通过Instagram注册/登录的用户重定向到特定的URL,您将提示用户输入他们的电子邮件地址。然后,您可以将该信息发回,以便控制器可以处理并正确保存。

当然,这是用户可能不愿意做的额外步骤,但电子邮件地址是一项宝贵的资产,可用于做很多事情,如时事通讯和其他促销电子邮件。

相关问题
最新问题