我按照 omniauth-google-oauth2 gem 的自述文件中的教程进行操作,当我单击根目录 (@
pages#home
) 上的链接时,<%= link_to "Sign up with Google", user_google_oauth2_omniauth_authorize_path %>
,我收到错误:
未找到。身份验证通道。
我已经确认 ENV 变量存在。我一直在寻找类似的主题但没有运气。知道我做错了什么吗?
路线中:
Rails.application.routes.draw do
devise_for :users, controllers: { :omniauth_callbacks => "users/omniauth_callbacks" }
我的omniauth_callbacks_controller位于
/controllers/users/omniauth_callbacks_controller.rb
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def google_oauth2
# You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.from_omniauth(request.env["omniauth.auth"])
if @user.persisted?
flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
sign_in_and_redirect @user, :event => :authentication
else
session["devise.google_data"] = request.env["omniauth.auth"].except(:extra) #Removing extra as it can overflow some session stores
redirect_to new_user_registration_url, alert: @user.errors.full_messages.join("\n")
end
end
end
在我的
devise.rb
文件中:
config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {
name: 'my-project',
scope: 'email',
prompt: 'select_account',
image_aspect_ratio: 'original',
image_size: 100,
ssl_verify: false
}
在我的 User.rb 中:
devise :rememberable, :validatable, :omniauthable, :omniauth_providers => [:google_oauth2]
def self.from_omniauth(access_token)
data = access_token.info
user = User.where(:email => data["email"]).first
# Uncomment the section below if you want users to be created if they don't exist
# unless user
# user = User.create(name: data["name"],
# email: data["email"],
# password: Devise.friendly_token[0,20]
# )
# end
user
end
我解决了问题,将以下内容添加到
config/initializers/omniauth.rb
:
OmniAuth.config.allowed_request_methods = %i[get]
说明:
以上是https://github.com/zquestz/omniauth-google-oauth2#usage中所示的配置:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET']
end
OmniAuth.config.allowed_request_methods = %i[get]
但是没有
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET']
end
因为您的
config/initializers/devise.rb
中已经提供了:
config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {
name: 'my-project',
scope: 'email',
prompt: 'select_account',
image_aspect_ratio: 'original',
image_size: 100,
ssl_verify: false
}
对于仍在寻找答案的人:
config/initializers/omniauth.rb
。config/initializers/devise.rb
的最后一个 config.omniauth 参数中使用空白哈希,如下所示:config.omniauth :google_oauth2, ENV["GOOGLE_CLIENT_ID"], ENV["GOOGLE_CLIENT_SECRET"], {}
或者我们可以单独使用电子邮件范围。因为它会告诉谷歌我们通过电子邮件请求用户详细信息
{ scope: "email" }
值得检查您的 Google OAuth 重定向 URI 是否正确,并在末尾包含
/callback
。
我这样解决了这个问题:
omniauth-rails_csrf_protection
添加到 Gemfile 中<%= link_to "Sign in with Google",
user_google_oauth2_omniauth_authorize_path, method: :post %>
devise.rb
:Rails.application.config.middleware.use OmniAuth::Builder do
OmniAuth.config.allowed_request_methods = [:post, :get]
provider :google_oauth2, Rails.application.credentials[:GOOGLE_CLIENT_ID],
Rails.application.credentials[:GOOGLE_CLIENT_SECRET], {scope: "email"}
end
devise_for :users, controllers: {
omniauth_callbacks: "users/omniauth_callbacks"
}
更多信息请查看此问题: [在此输入链接描述][1]
我通过添加omniauth-rails_csrf_protection解决了这个问题:
然后,重要的部分:
“然后,您需要验证应用程序中启动 OAuth 请求阶段的所有链接是否都转换为包含authenticity_token 值的 HTTP POST 表单。这可以通过将所有 link_to 方法更改为 button_to 或使用 link_to ...来实现。 ,方法::post。”
最初,我尝试:
<%= link_to 'Sign in with Google', user_google_oauth2_omniauth_authorize_path, method: :post %>
但是,需要的是:
<%= button_to 'Login with Google', user_google_oauth2_omniauth_authorize_path, method: :post, data: { turbo: 'false' } %>
添加按钮_解决了问题。