Develop Reference

devise_token_auth omniauth JSON response?

I have a Rails 5 site which consists of 2 parts:
Admin area
API-only client area
I'm using Devise for both parts and https://github.com/lynndylanhurley/devise_token_auth gem for the API frontend.
The problem is about using the omniauth authentication. When I omniauth authenticate into the admin area - everything is ok - I get back some successful HTML-response.
But the problem is that I'm getting the same HTML-response in the API-area - but I need some JSON-response - not HTML one.
Here is my code:
config/routes.rb
Rails.application.routes.draw do
devise_for :users, controllers: { sessions: 'users/sessions', :omniauth_callbacks => 'users/omniauth_callbacks' }
namespace :api do
mount_devise_token_auth_for 'User', at: 'auth', controllers: { sessions: 'api/users/sessions', :omniauth_callbacks => 'api/users/omniauth_callbacks' }
end
end
app/models/user.rb
class User < ApplicationRecord
# Include default devise modules.
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:omniauthable,
:omniauth_providers => [:facebook, :vkontakte]
include DeviseTokenAuth::Concerns::User
devise :omniauthable
def self.from_omniauth_vkontakte(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.email = auth.extra.raw_info.first_name.to_s + "." + auth.extra.raw_info.last_name.to_s + '#vk.com'
user.password = Devise.friendly_token[0,20]
end
end
end
app/controllers/users/omniauth_callbacks_controller.rb
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def vkontakte
#user = User.from_omniauth_vkontakte(request.env["omniauth.auth"])
if #user.persisted?
sign_in_and_redirect #user, :event => :authentication #this will throw if #user is not activated
set_flash_message(:notice, :success, :kind => "Vkontakte") if is_navigational_format?
else
session["devise.vkontakte_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
config/initializers/devise.rb
Devise.setup do |config|
config.omniauth :facebook, ENV["FACEBOOK_APP_ID"], ENV["FACEBOOK_APP_SECRET"], provider_ignores_state: true
config.omniauth :vkontakte, ENV["VKONTAKTE_APP_ID"], ENV["VKONTAKTE_APP_SECRET"]
end
Gemfile
gem 'omniauth'
gem 'omniauth-facebook'
gem 'omniauth-vkontakte'
Gemfile.lock
devise (4.3.0)
devise_token_auth (0.1.42)
Here's my log:
Started GET "/api/auth/vkontakte" for 127.0.0.1 at 2017-06-20 17:34:23
+0300
Started GET "/omniauth/vkontakte?namespace_name=api&resource_class=User" for
127.0.0.1 at 2017-06-20 17:34:23 +0300
I, [2017-06-20T17:34:23.237270 #15747] INFO -- omniauth: (vkontakte) Request phase initiated.
Started GET "/omniauth/vkontakte/callback?code=0b8446c5fe6873bb12&state=52254649eb899e3b743779a1a4afc0304f249a6dd90b4415" for 127.0.0.1 at 2017-06-20 17:34:23 +0300
I, [2017-06-20T17:34:23.672200 #15747] INFO -- omniauth: (vkontakte) Callback phase initiated. Processing by Users::OmniauthCallbacksController#vkontakte as */* Parameters: {"code"=>"0b8446c5fe6873bb12", "state"=>"52254649eb899e3b743779a1a4afc0304f249a6dd90b4415"}
I guess that the problem is about a so-called "callback" url. I don't understand where it is set. It is obvious from the log that at the end of the auth process the GET "/omniauth/vkontakte/callback..." query is called. And probably it is called always - no matter if I initiated the oath sequence from admin or api client area.
I use Chrome Postman to make the API query http://localhost:3000/api/auth/vkontakte - and I get the HTML-response back ("successful login etc.") - but I need surely some JSON-response.
Is there a way to dynamically change the callback path depending on some precondition?
Is the callback query somewhat different depending on from where the oath procedure was initiated?
EDIT1:
This is not a single problem here unfortunately. Looks like the oauth is simply not implemented in the https://github.com/lynndylanhurley/devise_token_auth gem. So, even if I succeed to switch the oauth login procedure to the JSON way - how do I login the user the devise_token_auth-way - generating 3 tokens etc...? The app/controllers/users/omniauth_callbacks_controller.rb needs to be totally reimlemented.

You can render json from your OmniauthCallbacksController based on some extra parameter provided when your request a connection from the API for example.
These extra parameters will be availables in this hash request.env["omniauth.params"].
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def vkontakte
#user = User.from_omniauth_vkontakte(request.env["omniauth.auth"])
if #user.persisted?
sign_in #user, :event => :authentication #this will throw if #user is not activated
set_flash_message(:notice, :success, :kind => "Vkontakte") if is_navigational_format?
if request.env["omniauth.params"]["apiRequest"]
render status: 200, json: { message: "Login success" }
else
redirect_to after_sign_in_path_for(#user)
end
else
session["devise.vkontakte_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
You can this extra parameters by calling the auth helper with additional parameters, they will be passed to your OmniauthController : user_vkontakte_omniauth_authorize_path(api_request: true) (Or whatever your route helper is)

I ended up implementing my own oauth callback procedure - instead of using one from the devise_token_auth gem.
The devise_token_auth gem does contain the oauth authentication - but it appears to be not working properly.
Here are my code changes:
config/routes.rb
Rails.application.routes.draw do
devise_for :users, controllers: { sessions: 'users/sessions', :omniauth_callbacks => 'users/omniauth_callbacks' }
namespace :api do
mount_devise_token_auth_for 'User', at: 'auth', controllers: { sessions: 'api/users/sessions'}
end
end
app/controllers/users/omniauth_callbacks_controller.rb
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
include DeviseTokenAuth::Concerns::SetUserByToken
def vkontakte
#user = User.from_omniauth_vkontakte(request.env["omniauth.auth"])
namespace_name = request.env["omniauth.params"]["namespace_name"]
if #user.persisted?
if namespace_name && namespace_name == "api"
#client_id = SecureRandom.urlsafe_base64(nil, false)
#token = SecureRandom.urlsafe_base64(nil, false)
#user.tokens[#client_id] = {
token: BCrypt::Password.create(#token),
expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
}
#user.save
#resource = #user # trade-off for "update_auth_header" defined in "DeviseTokenAuth::Concerns::SetUserByToken"
sign_in(:user, #user, store: false, bypass: false)
render json: #user
else
sign_in_and_redirect #user, :event => :authentication #this will throw if #user is not activated
set_flash_message(:notice, :success, :kind => "Vkontakte") if is_navigational_format?
end
else
session["devise.vkontakte_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
The inclusion of include DeviseTokenAuth::Concerns::SetUserByToken provides 5 auth headers in response:
access-token →BeX35KJfYVheKifFdwMPag
client →96a_7jXewCThas3mpe-NhA
expiry →1499340863
token-type →Bearer
uid →376449571
But the response still lacks these headers (available at a common sign-in):
Access-Control-Allow-Credentials →true
Access-Control-Allow-Methods →GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin →chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo
Access-Control-Max-Age →1728000
I don't know whether they are important and if yes - how to provide them.
PS The same identical approach works with Facebook too.

Issue with Facebook Omniauth, devise with Ruby on Rails

I have scoured these pages for weeks looking for an answer. I am a newbie to Ruby, i followed a tutorial and was able to successfully complete it with little fuss. My issue is when i decided to add more functionality to my app by authenticating users with Facebook using the Omniauth gem in addition to the devise gem that is working perfectly.
I almost know the solution will be simple to the trained eye but i am at a loss since i have tried numerous suggestions on this site and others with varying degrees of success.
My current problem is whenever a user tries to sign in using Facebook, user gets authenticated but is redirected to the signup page. I fiddled around sometime last week and was able to successfully login but just once and kept getting redirected to signup page subsequently.
My required scenario is thus:
If a user clicks on the sign in with Facebook link, they should get redirected to Facebook for authentication, then sent back to my Ruby application and the values for email, first_name, last_name should get added to the User table for that user.
For a returning User,
All database values should be checked and user is logged in automatically without much fuss.
I would also like an email unique constraint to ensure we do not have multiple people with the same email.
I would really appreciate some sort of direction as to where i am getting it wrong.. Like i mentioned above, i am a total greenhorn in this space as i work mainly with IT infrastructure.
Please see my code below:
callbacks_controller.rb
class CallbacksController < Devise::OmniauthCallbacksController
def facebook
# You need to implement the method below in your model (e.g.
app/models/user.rb)
#user = User.from_omniauth(request.env["omniauth.auth"])
if #user.persisted?
sign_in_and_redirect #user, :event => :authentication #this will throw if
#user is not activated
set_flash_message(:notice, :success, :kind => "Facebook") if
is_navigational_format?
else
session["devise.facebook_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
def failure
redirect_to root_path
end
def failure
redirect_to root_path
end
end
user.rb
class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
has_many :reviews, dependent: :destroy
#validates :first_name, :last_name, presence: true
devise :omniauthable, :omniauth_providers => [:facebook]
def self.from_omniauth(auth)
where(email: auth.info.email).first_or_initialize.tap do |user|
user.email = auth.info.email
user.password = Devise.friendly_token[6,20]
user.first_name = auth.info.first_name
user.last_name = auth.info.last_name
user.save
end
end
end
def self.new_with_session(params, session)
super.tap do |user|
if data = session["devise.facebook_data"] && session["devise.facebook_data"]
["extra"]["raw_info"]
user.email = data["email"] if user.email.blank?
user.first_name = data["first_name"] if user.first_name.blank?
user.last_name = data["last_name"] if user.last_name.blank?
end
end
end
routes.rb
Rails.application.routes.draw do
devise_for :users, :controllers => { :omniauth_callbacks => "callbacks"}
resources :hospitals do
collection do
get 'search'
end
resources :reviews, except: [:show, :index]
end
get 'pages/Hospitals'
get 'pages/Labs'
get 'pages/Doctors'
get 'pages/about'
get 'pages/contact'
root'hospitals#index'
# For details on the DSL available within this file, see
http://guides.rubyonrails.org/routing.html
end
Console Response
Started GET "/users/auth/facebook" for ::1 at 2017-06-13 14:02:29 +0100
I, [2017-06-13T14:02:29.142018 #8385] INFO -- omniauth: (facebook) Request
phase initiated.
Started GET "/users/auth/facebook" for ::1 at 2017-06-13 14:02:29 +0100
I, [2017-06-13T14:02:29.488425 #8385] INFO -- omniauth: (facebook) Request
phase initiated.
Started GET "/users/auth/facebook/callback
code=AQAJ33qxsDJhSh2fKc8YH9YANZwK2BagO3fotR22iw3
cOeTN5G2HSvXbOioiwaQmwrZB3EEZKZBWlBAK4c
RVyddoG8oaeLQfEXjA0FPOvZtpw0XiuBGwOJIh7YaDSjt7O33Dn2mB7Vlu2YUaT-
DxlY3ioOVhNx8ymCE6TMGJx0slL-NvMB8b52IHSheMvPYTcMAoj2WXPgrLK8aH0eox_
7VbD8zaV0QFeJxqask3gaU4GTkGI50liO2SdF
T9fyFVWTgfORNP0yhwoH3HNlMGIznqSqbRGB43d
2qULNHglH6exDMCzgpyhD3Bmi2lxzcLc10"
for ::1 at 2017-06-13 14:02:29 +0100
I, [2017-06-13T14:02:29.731093 #8385] INFO -- omniauth: (facebook) Callback
phase initiated.
Processing by CallbacksController#facebook as HTML
Parameters:
{"code"=>"AQAJ33qxsDJhSh2fKc8YH9YANZwK2BagO3
fotR22iw3cOeTN5G2HSvXbOioiwaQmwrZB3EEZK
ZBWlBAK4cRVyddoG8oaeLQfEXjA0FPOvZtpw0XiuBGwOJIh7YaDSjt7O33Dn2mB7Vlu2YUaT-
DxlY3ioOVhNx8ymCE6TMGJx0slL-
NvMB8b52IHSheMvPYTcMAoj2WXPgrLK8aH0eox_
7VbD8zaV0QFeJxqask3gaU4GTkGI50liO2SdFT9fy
FVWTgfORNP0yhwoH3HNlMGIznqSqbRGB43d2qULNHglH6exDMCzgpyhD3Bmi2lxzcLc10"}
User Load (0.3ms) SELECT "users".*
FROM "users" WHERE "users"."email" IS NULL
ORDER BY "users"."id" ASC LIMIT ? [["LIMIT", 1]]
(0.2ms) begin transaction
(0.1ms) rollback transaction
Redirected to http://localhost:3000/users/sign_up
Completed 302 Found in 265ms (ActiveRecord: 0.6ms)
New Console response
User Load (1.0ms) SELECT "users".* FROM "users" WHERE "users"."provider" = ?
AND
"users"."uid" = ? ORDER BY "users"."id" ASC LIMIT ? [["provider",
"facebook"], ["uid", "104903843446146"], ["LIMIT", 1]] (0.1ms) begin
transaction (0.1ms) rollback transaction Redirected to
localhost:3000/users/sign_up

Try below code:
def facebook
#user = User.from_omniauth(request.env["omniauth.auth"])
if #user.persisted?
sign_in_and_redirect #user, :event => :authentication #this will throw if #user is not activated
set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
else
session["devise.facebook_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
model
def self.from_omniauth(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.email = auth.info.email
user.password = Devise.friendly_token[0,20]
end
end

omniauth-facebook gem: request.env["omniauth.auth"] is nil

I'm using the omniauth-facebook gem with devise. It was working until recently. I also recently upgrated to Rails 5.0.1 from Rails 4, but I'm not sure that's the cause.
I currently have 0 users, and I'm logged into Facebook. But when I try to sign up for my app with Facebook on localhost, I get this error:
NoMethodError in RegistrationsController#facebook
undefined method `provider' for nil:NilClass
Here is my User model. I marked the line that the error highlights.
User.rb
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable,
:omniauthable, :omniauth_providers => [:facebook]
def self.from_omniauth(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |user| #ERROR
#data = auth.info
user.name = #data.name
# ...
end
end
RegistrationsController
def facebook
#user = User.from_omniauth(request.env["omniauth.auth"])
if #user.persisted?
sign_in_and_redirect #user, :event => :authentication
set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
else
session["devise.facebook_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
Also, here's my link:
<%= link_to "fb", user_facebook_omniauth_callback_path(:facebook, thing: #thing.id, degree: #degree, :format => :js) %>
The HTML Output:
<a href=\"/auth/facebook/callback.js?thing=2\">fb<\/a>
And the path:
localhost:3000/auth/facebook/callback.js?thing=2
So the problem is that request.env["omniauth.auth"] is nil for some reason. I can't find any traces of similar errors in any documentation.
Anyone encounter this before or have any thoughts?

To authenticate via facebook all you need is to put a link from your Site to facebook like this:
www.yoursite.com/auth/facebook
and then set up a route to receive the callback from Facebook with the authentication hash:
#routes.rb
get 'auth/facebook/callback' => 'sessions#create_facebook'
Can you specify how the output of this line looks like or why you are passing other information ?:
<%= link_to "fb", user_facebook_omniauth_callback_path(:facebook, thing: #thing.id, degree: #degree, :format => :js) %>
EDIT
auth/facebook/callback is a get request. Facebook sends you the users authentication hash there. Only facebook itself should use that route. When you want to authenticate your link has to be:
localhost:3000/auth/facebook
They way you have it, omniauth is expecting facebook's authentication hash but receives "?thing=2" which results in a failed authentication. Omniauth tries to extract the information from "?thing=2" which is not a hash and when you try to access auth[provider], auth is empty and therefore provider is not defined either which results in :
undefined method `provider' for nil:NilClass

I had the same issue and solved it by removing :omniauthable from User model

Rails - Unified sign in form for multiple types of Devise users

My Devise unified sign-in form no longer allows my Tech users to log in with either their username or email after implementing the ability to be redirected to a specific page in this case a profile page. I can sign-in as a customer but I can no longer sign-in as a tech. I am receiving the following:
Invalid login or password.
Another feature I've implemented is the ability to have users sign with their usernames or email. Please know each Devise user has their own set of controllers and views. For example the customer and the tech has their own customized view for registration.
customer: controllers/customer
tech: controllers/tech
If I were to remove the "redirect to a specific page" feature, all Devise user models (customers and techs) are able to log in fine.
How can I regain the ability of the unified sign-in for both user models while using the Devise redirect functionality?
Below are the resources used to implement each feature.
How To: Allow users to sign in using their username or email address
Unified sign in form for multiple types of Devise users.
How To: Redirect to a specific page on successful sign up (registration)
routes
Rails.application.routes.draw do
devise_for :customers, controllers: { registrations: 'customers/registrations' }, path: '' #to keep the sign-in page from showing: customer_signup in the url
devise_for :techs, controllers: { registrations: 'techs/registrations' }
resources :appointments, :customer_profiles, :service_menus, :services, :tech_profiles
root "home#index"
end
This monkey patch may be why unified sign-in is failing for my tech users.
Unified sign in form for multiple types of Devise users.
config/initializers/devise.rb
This is located at the bottom of my devise.rb file.
module Strategies
class Base
def mapping
# #mapping ||= begin
mapping = Devise.mappings[scope]
raise "Could not find mapping for #{scope}" unless mapping
mapping
# end
end
end
end
end
end
Things I've tried.
Moving the code def create from the controllers/customer/sessions_controller.rb to controllers/customer/registrations_controller.rb because I thought this is what the routes file was calling.
routes
devise_for :customers, controllers: { registrations: 'customers/registrations' }, path: ''
controllers/customer/registrations_controller.rb
class Customers::RegistrationsController < Devise::RegistrationsController
def create
# try to authenticate as a Customers
self.resource = warden.authenticate(auth_options)
resource_name = self.resource_name
if resource.nil?
# try to authenticate as a Tech
resource_name = :tech
request.params[:tech] = params[:customer]
self.resource = warden.authenticate!(auth_options.merge(scope: :tech))
end
set_flash_message(:notice, :signed_in) if is_navigational_format?
sign_in(resource_name, resource)
respond_with resource, :location => after_sign_in_path_for(resource)
end
protected
def after_sign_up_path_for(resource)
new_customer_profile_path
end
private
def sign_up_params
params.require(:customer).permit(:username, :email, :password)
end
def account_update_params
params.require(:customer).permit(:email, :password, :password_confirmation, :current_password)
end
end
EDIT 3:00 PM EST - 7-25-15
I've added bind.pry right before the resource.nil?in both the customers/registrations_controller.rb and customers/sessions_controller.rb but nothing is happening. I've even attempted to force an error by misspelling pry to binding.pry123 and the does not produce an error when attempting to sign in as a customer or a tech. this leads me to believe that the sign-in process is probably going through another default controller for signing in.
When attempting to sign in as a tech I am seeing Unpermitted parameters: login, password, remember_me in the the server logs:
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"SOME TOKEN", "customer"=>{"login"=>"s1#example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
Customer Load (0.3ms) SELECT `customers`.* FROM `customers` WHERE (username = 's1#example.com' OR lower(email) = lower('s1#example.com')) ORDER BY `customers`.`id` ASC LIMIT 1
Completed 401 Unauthorized in 4ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"SOME TOKEN", "customer"=>{"login"=>"s1#example.com", "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Log in"}
Unpermitted parameters: login, password, remember_me
Rendered customers/shared/_links.html.erb (4.9ms)
Rendered customers/sessions/new.html.erb within layouts/application (11.5ms)
Completed 200 OK in 239ms (Views: 238.1ms | ActiveRecord: 0.0ms)
EDIT 11:20 PM July 27, 2015
What I've failed to include is the following files relating to Devise.
application controller
require "customer_sanitizer.rb"
require "tech_sanitizer.rb"
protected
def devise_parameter_sanitizer
if resource_class == Customer
CustomerParameterSanitizer.new(Customer, :customer, params)
elsif resource_class == Tech
TechParameterSanitizer.new(Tech, :tech, params)
else
super
end
end
lib/customer_sanitizer.rb
class CustomerParameterSanitizer < Devise::ParameterSanitizer
def sign_up
default_params.permit(:username, :email, :password, :password_confirmation, :current_password)
end
def sign_in
default_params.permit(:username, :email)
end
def account_update
default_params.permit(:email, :password, :password_confirmation, :current_password)
end
end
lib/tech_sanitizer.rb
class TechParameterSanitizer < Devise::ParameterSanitizer
def sign_up
default_params.permit(:username, :email, :password, :password_confirmation, :current_password)
end
def sign_in
default_params.permit(:username, :email)
end
def account_update
default_params.permit(:email, :password, :password_confirmation, :current_password)
end
end
If I were to enable the this in the routes:
devise_for :customers, controllers: { sessions: 'customers/sessions' }
devise_for :techs, controllers: { sessions: 'techs/sessions }
...I can use the unified login. But if I were to register, it would not redirect to the custom profile page.
Commenting out the previous route setting and enabling this:
devise_for :customers, controllers: { registrations: 'customers/registrations' }
devise_for :techs, controllers: { registrations: 'techs/registrations' }
...I can register for an account then be redirected to a custom profile page after a successful registration but I lose the ability of the unified signin.
According to the logs, it states unpermitted parameters. Is there a to override/whitelist the strongparams?
Please let me know if there is any other practical solution for a unified sign-in field which would allow a user to log in with either their e-mail or username. Also the ability to to go to a custom profile page after registration.

Omniauth facebook authentication failure Invalid application Id

I am using omniauth-facebook gem to authorize using facebook in my rails application.
I have followed these instructions but the problem I am facing is error about invalid credentials:
(facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"error":{"message":"Error validating application. Invalid application ID.","type":"OAuthException","code":101}}
What is weird about this is that I am getting user info even though I get this error from facebook api.
the value of request.env['omniauth.auth']
is(server log).
#<OmniAuth::AuthHash credentials=#<OmniAuth::AuthHash expires=true
expires_at=1421256863 token="some_long_value"> extra=#<OmniAuth::AuthHash
raw_info=#<OmniAuth::AuthHash education=[#<OmniAuth::AuthHash school=
#<OmniAuth::AuthHash id="174179219354091" name="Udacity"> type="College">]
email="ashish#gmail.com" favorite_athletes=[#<OmniAuth::AuthHash id="51926382304"
name="Derrick Rose">, #<OmniAuth::AuthHash id="344128252278047" name="Sachin
Tendulkar">,.... so on
routes.rb
devise_for :users, :controllers => {:omniauth_callbacks => "omniauth_callbacks"}
config/initializers/omniauth.rb
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, 'key', 'secret', {:provider_ignores_state => true}
# key and secret are correctly added in above line
end
app/model/user.rb
devise :omniauthable, :omniauth_providers => [:facebook]
app/controller/omniauth_callback_controller.rb
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook
omniauth = request.env['omniauth.auth']
# Other code to create authentication and other logic
puts "===>>> Omniauth is #{omniauth}"
end
def failure
res = request.env['omniauth.auth']
puts "======>>>>>> Authentication failed #{res}"
redirect_to root_path
end
end
Every time response goes to failure method but not to facebook method.
What I don't understand is when I am getting invalid credentials error from api then how come I get all the data from facebook. I doubt I have something wrong on my end while handling the callback from facebook.
Can anyone point where the problem can be?
I am pretty sure I am using correct application id and key I am getting data from facebook in the response.
Can anybody help me with this issue?