這可能很愚蠢,但我已經使用了google,並且經歷了堆棧溢出,並且在浪費了數小時後沒有發現任何運氣。Rails 4,Devise,Omniauth,Cancan,Twitter API
基本上,我克隆和部署這個 - https://github.com/alex-klepa/rails4-bootstrap-devise-cancan-omniauth和改變什麼(除了把我的消費者密鑰和祕密)。
我能夠使用我的twitter應用程序和Facebook應用程序憑據登錄。我遇到問題的地方是使用twitter gem和fb_graph gem以及omniauth在Identity中創建和存儲的憑據屬於用戶模型的模型。
似乎已經有用戶的會話管理 - 爲該用戶生成的令牌和祕密存儲在Identities模型中,但我仍然收到「您的憑據不允許訪問此資源」。
長話短說,這是Twitter的配置:
Twitter.configure do |config|
config.consumer_key = 'yxxxxxx'
config.consumer_secret = 'kxxxxxxx'
config.oauth_token = ['need help here']
config.oauth_token_secret = ['need help here']
end
我期待砸的東西動態入組oauth_token和oauth_token_secret領域是依賴於當前用戶會話,這樣我就可以放下API調用納入我的觀點。
在此先感謝您提供的任何幫助!
編輯:
它剛剛發生在我身上的模型可能會有所幫助。 (其他的一切都在git鏈接中)*還有兩種支持模式,auth_definitions.rb roles.rb,站起來Devise,但在這裏似乎沒有任何影響。
user.rb
class User
include Mongoid::Document
include Mongoid::Timestamps
include User::AuthDefinitions
include User::Roles
has_many :identities
field :email, type: String
field :image, type: String
field :first_name, type: String
field :last_name, type: String
field :roles_mask, type: Integer
validates_presence_of :email, :first_name, :last_name
def full_name
"#{first_name} #{last_name}"
end
end
Identity.rb
class Identity
include Mongoid::Document
include Mongoid::Timestamps
belongs_to :user, index: true
field :uid, type: String
field :provider, type: String
field :token, type: String
field :secret, type: String
field :expires_at, type: DateTime
field :email, type: String
field :image, type: String
field :nickname, type: String
field :first_name, type: String
field :last_name, type: String
index({ uid: 1, provider: 1 }, { unique: true })
def self.from_omniauth(auth)
identity = where(auth.slice(:provider, :uid)).first_or_create do |identity|
identity.provider = auth.provider
identity.uid = auth.uid
identity.token = auth.credentials.token
identity.secret = auth.credentials.secret if auth.credentials.secret
identity.expires_at = auth.credentials.expires_at if auth.credentials.expires_at
identity.email = auth.info.email if auth.info.email
identity.image = auth.info.image if auth.info.image
identity.nickname = auth.info.nickname
identity.first_name = auth.info.first_name
identity.last_name = auth.info.last_name
end
identity.save!
if !identity.persisted?
redirect_to root_url, alert: "Something went wrong, please try again."
end
identity
end
def find_or_create_user(current_user)
if current_user && self.user == current_user
# User logged in and the identity is associated with the current user
return self.user
elsif current_user && self.user != current_user
# User logged in and the identity is not associated with the current user
# so lets associate the identity and update missing info
self.user = current_user
self.user.email ||= self.email
self.user.image ||= self.image
self.user.first_name ||= self.first_name
self.user.last_name ||= self.last_name
self.user.skip_reconfirmation!
self.user.save!
self.save!
return self.user
elsif self.user.present?
# User not logged in and we found the identity associated with user
# so let's just log them in here
return self.user
else
# No user associated with the identity so we need to create a new one
self.build_user(
email: self.email,
image: self.image,
first_name: self.first_name,
last_name: self.last_name,
roles: [AppConfig.default_role]
)
self.user.save!(validate: false)
self.save!
return self.user
end
end
def create_user
end
end
只是想讓你知道,我們,MODS,仍然可以看到你的問題之前,你編輯它看。所以我們仍然可以看到你的憑據。通過https://dev.twitter.com/apps轉到您的應用程序,只需點擊底部的按鈕即可重置您的憑據。 – Ashitaka
另外,如果你想知道如何在開源項目中使用你的憑證,只需檢查下面這個問題:http://stackoverflow.com/questions/13294194/rails-how-to-store-mailer-password-safely/13296207#13296207 – Ashitaka