Ruby on rails ActiveModel::MassAssignmentSecurity::错误
您好,我正在使用Desive和omniauth对facebook登录进行自动认证,但我发现以下错误:Ruby on rails ActiveModel::MassAssignmentSecurity::错误,ruby-on-rails,devise,omniauth,facebook-authentication,Ruby On Rails,Devise,Omniauth,Facebook Authentication,您好,我正在使用Desive和omniauth对facebook登录进行自动认证,但我发现以下错误: Can't mass-assign protected attributes: token app/models/user.rb:20:in `apply_omniauth' app/controllers/authentications_controller.rb:19:in `create' 此用户模型: class User < ActiveRecord::Base # Th
Can't mass-assign protected attributes: token
app/models/user.rb:20:in `apply_omniauth'
app/controllers/authentications_controller.rb:19:in `create'
此用户模型:
class User < ActiveRecord::Base
# The relationship between the User and Authentication model
has_many :authentications, :dependent => :delete_all
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me,
# attr_accessible :title, :body
def apply_omniauth(auth)
# In previous omniauth, 'user_info' was used in place of 'raw_info'
self.email = auth['extra']['raw_info']['email']
authentications.build(:provider => auth['provider'], :uid => auth['uid'], :token => auth['credentials']['token'])
end
end
class用户:delete\u all
#包括默认设计模块。其他可供选择的项目包括:
#:token_authenticable,:confirformable,
#:可锁定,:可超时和:可全授权
设计:数据库可验证,可注册,
:可恢复,:可记忆,:可跟踪,:可验证
#设置模型的可访问(或受保护)属性
属性可访问:电子邮件、密码、密码确认、记住我、,
#可访问属性:标题,:正文
def apply_omniauth(认证)
#在以前的omniauth中,使用“用户信息”代替“原始信息”
self.email=auth['extra']['raw_info']['email']
authentications.build(:provider=>auth['provider'],:uid=>auth['uid'],:token=>auth['credentials']['token'])
结束
结束
这是我的身份验证控制器:
class AuthenticationsController < ApplicationController
def index
@authentications = current_user.authentications if current_user
end
def create
auth = request.env["omniauth.auth"]
# Try to find authentication first
authentication = Authentication.find_by_provider_and_uid(auth['provider'], auth['uid'])
if authentication
# Authentication found, sign the user in.
flash[:notice] = "Signed in successfully."
sign_in_and_redirect(:user, authentication.user)
else
# Authentication not found, thus a new user.
user = User.new
user.apply_omniauth(auth)
if user.save(:validate => false)
flash[:notice] = "Account created and signed in successfully."
sign_in_and_redirect(:user, user)
else
flash[:error] = "Error while creating a user account. Please try again."
redirect_to root_url
end
end
end
def destroy
@authentication = Authentication.find(params[:id])
@authentication.destroy
redirect_to authentications_url, :notice => "Successfully destroyed authentication."
end
end
类身份验证控制器false)
flash[:notice]=“已成功创建并登录帐户。”
登录和重定向(:用户,用户)
其他的
flash[:error]=“创建用户帐户时出错。请重试。”
将\u重定向到根\u url
结束
结束
结束
def销毁
@authentication=authentication.find(参数[:id])
@身份验证。销毁
重定向到身份验证\u url,:notice=>“已成功销毁身份验证。”
结束
结束
有人能解释一下我为什么会出现这个错误,以及我如何修复它吗?在身份验证模型的
attr\u accessible
行中添加:token
应该可以解决这个问题。我的错,token
是身份验证模型