0

我正在使用 facebooker2(Rails 2.3。和 RESTFUlL 身份验证)来实现 facebook 连接功能。在我的控制器中,我使用此操作:

  def create_facebook_user
    if current_facebook_user
      @user = User.find_by_fb_user_id(current_facebook_user.id.to_i)
    end
    if @user.blank?
      @facebook_user = current_facebook_user.fetch

      @user = User.new :login => @facebook_user.email, :email => @facebook_user.email, :name => @facebook_user.name
      @user.fb_user_id = @facebook_user.id.to_i
      @user.state = "active"

      if @user.save(:validate=> false)
        @user.profile = Profile.create(:benefactor_id => nil, :benefactor_invites => Setting.find_by_identifier("benefactor_invites").value.to_i)
        redirect_to :controller => "profiles", :action => "show", :id => @user.profile.id
      else
        render "new"
      end
    elsif @user.fb_user_id.nil?
      @user.update_attribute :fb_user_id, current_facebook_user.id
      redirect_to :controller => "dashboard", :url => "index"
    else
      redirect_to :controller => "dashboard", :url => "index"
    end

然后我的问题是将状态分配给用户。当用户使用保存方法 @user.save(:validate => false) 时,它不会“跳转”验证器。我还修改了一个 RESTFul 身份验证模块“ByPassword”方法 password_required 但保存方法返回 false。

我发布我的代码

Controller

    class UsersController < ApplicationController
      skip_before_filter :verify_authenticity_token, :only => :create

      before_filter :find_user,
                    :only => [:profile,
                              :destroy,
                              :edit_password, :update_password,
                              :edit_email, :update_email]

      layout 'application'
      def create_facebook_user
        if current_facebook_user
          @user = User.find_by_fb_user_id(current_facebook_user.id.to_i)
        end
        if @user.blank?
          @facebook_user = current_facebook_user.fetch

          @user = User.new :login => @facebook_user.email, :email => @facebook_user.email, :name => @facebook_user.name
          @user.fb_user_id = @facebook_user.id.to_i
          @user.state = "active"

          if @user.save(:validate=> false)
            @user.profile = Profile.create(:benefactor_id => nil, :benefactor_invites => Setting.find_by_identifier("benefactor_invites").value.to_i)
            redirect_to :controller => "profiles", :action => "show", :id => @user.profile.id
          else
            render "new"
          end
        elsif @user.fb_user_id.nil?
          @user.update_attribute :fb_user_id, current_facebook_user.id
          redirect_to :controller => "dashboard", :url => "index"
        else
          redirect_to :controller => "dashboard", :url => "index"
        end
      end

end

查看(重要片段)

o ingresa con Facebook Connect <%= fb_login_and_redirect("/users/create_facebook_user") %> <%#= fb_login_and_redirect('/users/link_user_accounts', :perms => 'email,user_birthday') %> <%#= fb_login_button( "window.location = '/users/link_user_accounts'") %>

用户型号

require 'digest/sha1'

class User < ActiveRecord::Base
  include Authentication
  include Authentication::ByPassword
  include Authentication::ByCookieToken
  include Authorization::AasmRoles

...
end

密码模块

module Authentication
  module ByPassword

    # Stuff directives into including module
    def self.included(recipient)
      recipient.extend(ModelClassMethods)
      recipient.class_eval do
        include ModelInstanceMethods

        # Virtual attribute for the unencrypted password
        attr_accessor :password
        validates_presence_of :password, :message => :"user.password.blank", :if => :password_required?
        validates_presence_of :password_confirmation, :message => :"user.password_confirmation.blank", :if => :password_required?
        validates_confirmation_of :password, :message => :"user.password.confirmation", :if => :password_required?
        validates_length_of :password, :within => 5..40, :message => :"user.password.too_short", :if => :password_required?
        before_save :encrypt_password

      end
    end

    # #included directives

    #
    # Class Methods
    #
    module ModelClassMethods
      # This provides a modest increased defense against a dictionary attack if
      # your db were ever compromised, but will invalidate existing passwords.
      # See the README and the file config/initializers/site_keys.rb
      #
      # It may not be obvious, but if you set REST_AUTH_SITE_KEY to nil and
      # REST_AUTH_DIGEST_STRETCHES to 1 you'll have backwards compatibility with
      # older versions of restful-authentication.
      def password_digest(password, salt)
        digest = REST_AUTH_SITE_KEY
        REST_AUTH_DIGEST_STRETCHES.times do
          digest = secure_digest(digest, salt, password, REST_AUTH_SITE_KEY)
        end
        digest
      end
    end # class methods

    #
    # Instance Methods
    #
    module ModelInstanceMethods

      # Encrypts the password with the user salt
      def encrypt(password)
        self.class.password_digest(password, salt)
      end

      def authenticated?(password)
        crypted_password == encrypt(password)
      end

      # before filter 
      def encrypt_password
        return if password.blank?
        self.salt = self.class.make_token if new_record?
        self.crypted_password = encrypt(password)
      end

      def password_required?
        if fb_user_id.blank?
          crypted_password.blank? || !password.blank?
        else
          return false
        end
      end

      def has_fb_user_id?
        fb_user_id.nil?
      end
    end # instance methods
  end
end
4

1 回答 1

0

首先我使用 ActiveRecord 的 save_with_validations(false) 方法,然后我使用普通的保存方法

于 2011-04-14T20:34:40.490 回答