[英]Prevent user from accessing /auth/:provider under some conditions in OmniAuth
Is there any way to prevent users from accessing /auth/:provider
if, say, they are not logged in?有没有办法阻止用户访问/auth/:provider
如果他们没有登录? I've tried to use before_request_phase
callback and Rack::Response
to redirect them to sign in page but it haven't worked.我尝试使用before_request_phase
回调和Rack::Response
将它们重定向到登录页面,但没有奏效。
My application is not using omniauth for user authentication.我的应用程序没有使用 omniauth 进行用户身份验证。 Instead, it is used to connect third-party accounts to the user profile.相反,它用于将第三方帐户连接到用户配置文件。
Thanks!谢谢!
OmniAuth.config.before_request_phase = lambda do |env|
user = env['warden'].authenticate!
end
Ok, the solution I found was to create a new OmniAuth Strategy which inherits from the one I wanted to use and to override the request_phase
method.好的,我找到的解决方案是创建一个新的 OmniAuth 策略,它继承自我想要使用的策略并覆盖request_phase
方法。 Could not get the same behaviour using only OmniAuth configs in its initializer.在其初始值设定项中仅使用 OmniAuth 配置无法获得相同的行为。
def request_phase
if env['rack.session']['warden.user.user.key'].present?
super
else
redirect '/'
end
end
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.