我使用Omniauth作为登录我的Rails应用程序的唯一方法.
问题是:当用户单击“注销”时,页面重新加载并且logout链接仍然存在(尽管user_signed_in?逻辑包装它).这让我相信用户实际上并未注销
这是我的index.html.erb:
<% if user_signed_in? %>
<%= link_to "Authenticate with Google",user_omniauth_authorize_path(:google_oauth2) %>
<% else %>
<%= link_to('logout',destroy_user_session_path,:method => :delete) %>
<% end %>
还有我的user.rb
def self.from_omniauth(auth)
if user = User.find_by_email(auth.info.email)
user.provider = auth.provider
user.uid = auth.uid
user
else
where(provider: auth.provider,uid: auth.uid).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
user.email = auth.info.email # THIS (user.email) value i want to provide to my registration form as default value
end
end
end
我的omniauth_callbacks_controller.rb:
class OmniauthCallbacksController < Devise::OmniauthCallbacksController skip_before_filter :redirect_to_login_if_required def google_oauth2 @user = User.from_omniauth(request.env["omniauth.auth"]) if @user.persisted? sign_in_and_redirect @user,:event => :authentication return else session["devise.user_attributes"] = @user.attributes redirect_to new_user_registration_path end end end
和我的routes.rb:
devise_for :users,:controllers => { :omniauth_callbacks => "omniauth_callbacks" }
不幸的是,它没有给我带来错误.它只是刷新索引页面,好像什么也没发生.
编辑:这是我点击退出时的POST
Started DELETE "/users/sign_out" for ::1 at 2015-07-06 11:00:22 -0400
Processing by Devise::SessionsController#destroy as HTML
Parameters: {"authenticity_token"=>"7QXScU8eVW6NVedKG5P86rPxkaP8uJdUzyJ712ZrYXtK7QjP/m33eQ2WE/ituUvFQ2GeenXLRBaiVibxEjHG6w=="}
Redirected to http://localhost:3000/
Filter chain halted as :verify_signed_out_user rendered or redirected
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
编辑2:我已将其包含在我的application_controller.rb中
before_action :authenticate_user!
现在,我在控制台中收到的错误消息是:
Started GET "/users/auth/google_oauth2/callback?state=c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130&code=4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg" for ::1 at 2015-07-06 16:12:14 -0400
I,[2015-07-06T16:12:14.739138 #2442] INFO -- omniauth: (google_oauth2) Callback phase initiated.
Processing by OmniauthCallbacksController#google_oauth2 as HTML
Parameters: {"state"=>"c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130","code"=>"4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1 [["email","broy@gmail.com"]]
(0.1ms) begin transaction
sql (0.4ms) UPDATE "users" SET "last_sign_in_at" = ?,"current_sign_in_at" = ?,"sign_in_count" = ?,"updated_at" = ? WHERE "users"."id" = ? [["last_sign_in_at","2015-07-06 20:11:47.636852"],["current_sign_in_at","2015-07-06 20:12:15.365770"],["sign_in_count",42],["updated_at","2015-07-06 20:12:15.366734"],["id",4]]
(1.4ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 15ms (ActiveRecord: 2.1ms)
Started GET "/" for ::1 at 2015-07-06 16:12:15 -0400
Processing by ProductlinesController#index as HTML
Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
解决方法
我建议将if切换为除非,因此它会在用户登录时显示注销链接.
<% unless user_signed_in? %> <%= link_to "Authenticate with Google",:method => :delete) %> <% end %>
<%unless current_user.blank? -%>
<%= link_to "Authenticate with Google",user_omniauth_authorize_path(:google_oauth2) %>
<%else -%>
<%= link_to('logout',:method => :delete) %>
<%end-%>