嗨,我在我的应用程序中使用了omniauth。我在没有使用设计的情况下创建了应用程序。所以我手动编写了所有加密方法。我正在尝试将 imniauth 与我的应用程序集成,但我遇到了很多问题。我做了一个身份验证控制器:
class AuthenticationsController < ApplicationController
def index
@authentications = current_user.authentications if current_user
end
def create
omniauth = request.env["omniauth.auth"]
authentication= Authentication.find_by_provider_and_uid(omniauth['provider'],omniauth['uid'])
if authentication
flash[:notice]= "Signed in with " + omniauth['provider'] + " Successfully"
sign_in(authentication.user)
redirect_back_or authentication.user
elsif current_user
current_user.authentications.create!(:provider => omniauth['provider'],:uid => omniauth['uid'])
flash[:notice]="authentication successfull"
redirect_to authentications_url
else
authenticate= Authentication.create!(:provider => omniauth['provider'], :uid => omniauth['uid'])
flash[:notice] = "You still need to fill up the following"
# This is where I have doubt as to how should I proceed. Should I first create authentication for omniauth and then redirect or just send everything together and then create in sign up?
# session[:omniauth] = omniauth.except('extra')
# redirect_to signup_path(omniauth)
end
end
def destroy
@authentication = current_user.authentications.find(params[:id])
@authentication.destroy
flash[:notice] = "Successfully destroyed authentication."
redirect_to authentications_url
end
end
我的用户控制器如下:
class UsersController < ApplicationController
before_filter :authenticate, :except => [:show, :new, :create]
before_filter :correct_user, :only => [:edit, :update]
before_filter :admin_user, :only => :destroy
# Id ont know what to do with omniauth here! :(
def new(omniauth)
@user = User.new
@title = "Sign up"
end
def create
@user = User.new(params[:user])
if @user.save
sign_in @user
redirect_to @user, :flash => { :success => "Welcome to the World Student Alliance!" }
else
@title = "Sign up"
render 'new'
end
end
def edit
@title = "Edit user"
end
def update
if @user.update_attributes(params[:user])
redirect_to @user, :flash => { :success => "Profile updated." }
else
@title = "Edit user"
render 'edit'
end
end
def destroy
@user.destroy
redirect_to users_path, :flash => { :success => "User destroyed." }
end
private
def correct_user
@user = User.find(params[:id])
redirect_to(root_path) unless current_user?(@user)
end
def admin_user
@user = User.find(params[:id])
redirect_to(root_path) if !current_user.admin? || current_user?(@user)
end
end
和会话控制器如下:
class SessionsController < ApplicationController
skip_before_filter :check_sign_in, :only => [:new, :create]
def new
@title = "Sign in"
end
def create
user = User.authenticate(params[:session][:email],
params[:session][:password])
if user.nil?
flash.now[:error] = "Invalid email/password combination."
@title = "Sign in"
render 'new'
else
sign_in user
redirect_back_or user
end
end
def destroy
sign_out
redirect_to root_path
end
end
每个用户有多个认证,每个认证属于一个用户
class Authentication < ActiveRecord::Base
belongs_to :user
end
class User < ActiveRecord::Base
has_many :authentications
.......
以下是我考虑的场景:
- 用户已登录并想与他的推特建立联系。(完整无误)
用户已经是注册用户,每次都想用twitter登录(完成无误)
用户未注册并希望使用 twitter 进行身份验证。如果它的基本身份验证就完成了,但我需要让用户输入一些细节,如国家、性别、部门等。这就是一切都出错的地方。我可以创建身份验证并将他转义到登录表单,但是当用户从 fb 或 twitter 登录时,他不必输入密码字段。这是我的问题。任何人都可以让我知道我应该做些什么来克服这个错误。谢谢你。