Ruby on rails 铁路及;Oauth:多个提供者
我有一个应用程序,允许用户发布到LinkedIn、Facebook和Twitter。我想授权每个用户在这些提供商中的帐户,只要用户愿意 “我的用户模型”有一些列可帮助一次授权一个提供商:Ruby on rails 铁路及;Oauth:多个提供者,ruby-on-rails,facebook,ruby-on-rails-3,oauth,oauth-2.0,Ruby On Rails,Facebook,Ruby On Rails 3,Oauth,Oauth 2.0,我有一个应用程序,允许用户发布到LinkedIn、Facebook和Twitter。我想授权每个用户在这些提供商中的帐户,只要用户愿意 “我的用户模型”有一些列可帮助一次授权一个提供商: class User < ActiveRecord::Base ... attr_accessible :provider, :uid, :oauth_token, :oauth_expires_at, :oauth_token_secret, :access_token, :access_tok
class User < ActiveRecord::Base
...
attr_accessible :provider, :uid, :oauth_token, :oauth_expires_at, :oauth_token_secret, :access_token, :access_token_secret ...
...
end
控制器身份验证方法如下所示:
def authorise
user = User.from_omniauth(current_user, env['omniauth.auth'])
session[:user_id] = current_user.id
redirect_to root_url
end
任何帮助都会很好!我真的不知道如何从这里开始。拥有x(在上面的例子中是3个,更多)数量的
:提供者列似乎有点可笑。关键是要将身份验证部分从用户模型本身中分离出来,这样你就可以在用户和身份之间建立许多关系。这是我的Identity
模型,来自一个旧项目(使用omniauth):
class-Identity
当然,用户模型应该参考:
class User < ActiveRecord::Base
...
has_many :identities, dependent: :destroy
...
class用户
当您允许多个omniauth提供程序登录时,存在许多令人讨厌的边缘情况。因此,要创建新登录(会话),您可以执行以下操作:
class SessionsController < ApplicationController
def create
auth = request.env['omniauth.auth']
origin = request.env['omniauth.origin']
destination = origin.blank? ? root_path : origin
@identity = Identity.find_with_omniauth(auth)
@identity = Identity.create_with_omniauth(auth) if @identity.nil?
if signed_in?
if @identity.user == current_user
# Identity is already associated with this user
redirect_to destination, notice: "Already logged in and linked"
else
# Identity is not associated with the current_user
@old_user = @identity.user
if @old_user
current_user.posts << @old_user.posts
current_user.galleries << @old_user.galleries
current_user.favorites << @old_user.favorites
end
@identity.user = current_user
@identity.save()
@old_user.destroy if @old_user && @old_user.identities.blank?
redirect_to destination, notice: "Account was successfully linked"
end
else
if @identity.user.present?
# Identity has a user associated with it
self.current_user = @identity.user
redirect_to destination
else
# No user associated with the identity so create a new one
user = User.create_with_omniauth(auth['info'])
@identity.user = user
@identity.save()
self.current_user = @identity.user
redirect_to destination, notice: "Registration successful"
end
end
end
def destroy
self.current_user = nil
redirect_to root_url, notice: "Signed out successfully"
end
def omniauth_failure
origin = request.env['omniauth.origin']
destination = origin.blank? ? root_path : origin
redirect_to destination, alert: "Connection failed"
end
end
class sessioncontroller 当前_user.posts感谢您的深入回答!期待签入。我对这一点的解释非常不同,但感谢你的想法。你没有说明如何使用代币。非常好的解决方案。我个人发现这篇文章是唯一一篇从头到尾都有效的文章。该方法与解决方案不同,它不使用创建/销毁身份作为登录。它会将他们永久留在那里,并使用这些信息通过Desive登录。因此,你仍然以同样的方式登录,这使得不同的情况更少。这种方法的真正好处是,它会重定向twitter用户,让他们在第一时间填写他们的电子邮件或密码,让twitter没有给你发电子邮件的头痛问题以一个干净、彻底的解决方案消失。
class User < ActiveRecord::Base
...
has_many :identities, dependent: :destroy
...
class SessionsController < ApplicationController
def create
auth = request.env['omniauth.auth']
origin = request.env['omniauth.origin']
destination = origin.blank? ? root_path : origin
@identity = Identity.find_with_omniauth(auth)
@identity = Identity.create_with_omniauth(auth) if @identity.nil?
if signed_in?
if @identity.user == current_user
# Identity is already associated with this user
redirect_to destination, notice: "Already logged in and linked"
else
# Identity is not associated with the current_user
@old_user = @identity.user
if @old_user
current_user.posts << @old_user.posts
current_user.galleries << @old_user.galleries
current_user.favorites << @old_user.favorites
end
@identity.user = current_user
@identity.save()
@old_user.destroy if @old_user && @old_user.identities.blank?
redirect_to destination, notice: "Account was successfully linked"
end
else
if @identity.user.present?
# Identity has a user associated with it
self.current_user = @identity.user
redirect_to destination
else
# No user associated with the identity so create a new one
user = User.create_with_omniauth(auth['info'])
@identity.user = user
@identity.save()
self.current_user = @identity.user
redirect_to destination, notice: "Registration successful"
end
end
end
def destroy
self.current_user = nil
redirect_to root_url, notice: "Signed out successfully"
end
def omniauth_failure
origin = request.env['omniauth.origin']
destination = origin.blank? ? root_path : origin
redirect_to destination, alert: "Connection failed"
end
end