[英]Devise/Google OAuth 2: Not found. Authentication passthru
我遵循了omniauth-google-oauth2 gem 的自述文件中的教程,当我单击根目录 (@ pages#home
) 上的链接时, <%= link_to "Sign up with Google", user_google_oauth2_omniauth_authorize_path %>
,我收到错误:
未找到。 身份验证通过。
我已经确认 ENV 变量在那里。 我一直在寻找类似的主题,但没有运气。 知道我做错了什么吗?
在路线中:
Rails.application.routes.draw do
devise_for :users, controllers: { :omniauth_callbacks => "users/omniauth_callbacks" }
我的 omniauth_callbacks_controller 位于/controllers/users/omniauth_callbacks_controller.rb
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def google_oauth2
# You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.from_omniauth(request.env["omniauth.auth"])
if @user.persisted?
flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
sign_in_and_redirect @user, :event => :authentication
else
session["devise.google_data"] = request.env["omniauth.auth"].except(:extra) #Removing extra as it can overflow some session stores
redirect_to new_user_registration_url, alert: @user.errors.full_messages.join("\n")
end
end
end
在我的devise.rb
文件中:
config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {
name: 'my-project',
scope: 'email',
prompt: 'select_account',
image_aspect_ratio: 'original',
image_size: 100,
ssl_verify: false
}
在我的 User.rb 中:
devise :rememberable, :validatable, :omniauthable, :omniauth_providers => [:google_oauth2]
def self.from_omniauth(access_token)
data = access_token.info
user = User.where(:email => data["email"]).first
# Uncomment the section below if you want users to be created if they don't exist
# unless user
# user = User.create(name: data["name"],
# email: data["email"],
# password: Devise.friendly_token[0,20]
# )
# end
user
end
我解决了将以下内容添加到config/initializers/omniauth.rb
:
OmniAuth.config.allowed_request_methods = %i[get]
解释:
以上是https://github.com/zquestz/omniauth-google-oauth2#usage 中显示的配置:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET']
end
OmniAuth.config.allowed_request_methods = %i[get]
但没有
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET']
end
因为这已经在您的config/initializers/devise.rb
:
config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {
name: 'my-project',
scope: 'email',
prompt: 'select_account',
image_aspect_ratio: 'original',
image_size: 100,
ssl_verify: false
}
值得检查您的 Google OAuth 重定向 URI 是否正确,并在末尾包含/callback
。
对于仍在寻找答案的任何人:
config/initializers/omniauth.rb
。config/initializers/devise.rb
的最后一个 config.omniauth 参数中使用空白哈希,如下所示:config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {}
或者我们可以单独使用电子邮件范围。 因为它会告诉 google 我们通过 email { scope: "email" }
请求用户详细信息
我像这样解决了这个问题:
omniauth-rails_csrf_protection
添加了 gem omniauth-rails_csrf_protection
rails_csrf_protection<%= link_to "Sign in with Google",
user_google_oauth2_omniauth_authorize_path, method: :post %>
devise.rb
:Rails.application.config.middleware.use OmniAuth::Builder do
OmniAuth.config.allowed_request_methods = [:post, :get]
provider :google_oauth2, Rails.application.credentials[:GOOGLE_CLIENT_ID],
Rails.application.credentials[:GOOGLE_CLIENT_SECRET], {scope: "email"}
end
devise_for :users, controllers: {
omniauth_callbacks: "users/omniauth_callbacks"
}
更多信息检查这个问题:[在此处输入链接描述][1]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.