我正在使用 Devise (form) 和 Omniauth Twitter。我的注册表单字段是:
- 用户名(唯一,必填)
- 电子邮件(唯一,必填)
- 全名
- 密码
当没有具有相同用户名的现有记录时,两个注册都可以正常工作。用户可以通过 Twitter 或电子邮件表格进行注册。
问题是:
如果用户尝试使用现有用户名通过表单注册,则不允许。没关系。
但是当用户尝试通过 Twitter 注册并且如果 Twitter 昵称(我网站中的用户名)已经存在,它不会阻止注册,它会将现有帐户转移到新注册的 Twitter,它会使用来自的那些更新现有用户详细信息Twitter 个人资料 (API) 。我怎样才能阻止它?
谢谢!
omniauth_callbacks_controller.rb
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def all
designer = Designer.from_omniauth(request.env['omniauth.auth'])
if designer.persisted?
sign_in_and_redirect designer, notice: "Signed in!"
else
session["devise.designer_attributes"] = designer.attributes
redirect_to new_designer_registration_url
end
end
alias_method :twitter, :all
end
设计师.rb
class Designer < ApplicationRecord
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, omniauth_providers: [:twitter]
validates_presence_of :email
validates_uniqueness_of :email
validates_presence_of :username
validates_uniqueness_of :username
validates_presence_of :password, if: :password_required? # recommended
validates_confirmation_of :password, if: :password_required? # recommended
validates_length_of :password, within: password_length, allow_blank: true # recommended
extend FriendlyId
friendly_id :username, use: [:slugged, :history]
has_many :posts
mount_uploader :avatar, AvatarUploader
def self.from_omniauth(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |designer|
designer.provider = auth.provider
designer.uid = auth.uid
designer.slug = auth.info.nickname
designer.username = auth.info.nickname
designer.twitter_username = auth.info.nickname
designer.email = auth.info.email
designer.password = Devise.friendly_token[0, 20]
designer.fullname = auth.info.name
end
end
def self.new_with_session(params, session)
if session["devise.designer_attributes"]
new(session["devise.designer_attributes"]) do |designer|
designer.attributes = params
designer.valid?
end
else
super
end
end
def password_required?
super && provider.blank?
end
def update_with_password(params, *options)
if encrypted_password.blank?
update_attributes(params, *options)
else
super
end
end
end
控制器/registrations_controller.rb
class RegistrationsController < Devise::RegistrationsController
private
def sign_up_params
params.require(:designer).permit(:username, :fullname, :email, :password, :password_confirmation)
end
def account_update_params
params.require(:designer).permit(:username, :fullname, :email, :location, :website, :twitter, :bio, :password, :password_confirmation, :current_password)
end
protected
def after_sign_up_path_for(resource)
edit_designer_path(current_designer) if current_designer
end
end
设计/注册/new.html.erb
<%= simple_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= f.error_notification %>
<div class="form-inputs">
<%= f.input :fullname, required: true, placeholder: "Fullname", label: false, input_html: { maxlength: 120 } %>
<%= f.input :username, unique: true, required: true, placeholder: "Username", label: false, input_html: { maxlength: 120 } %>
<%= f.input :email, required: true, placeholder: "Email", label: false, input_html: { maxlength: 120 } %>
<% if f.object.password_required? %>
<%= f.input :password, required: true, placeholder: "Password (minimum 6 chars)", label: false, input_html: { maxlength: 120 } %>
<% end %>
</div>
<div class="form-actions tl pl1">
<%= f.button :submit, "Sign up" %>
</div>
<% end %>
从这里我重定向到配置文件编辑以获取其他配置文件信息,即设计器/edit.html.erb