On rails 4, I am using devise to authenticate my users and I am also adding a facebook authentication...
I've followed thisdocumentation and I set up in my config var on heroku.
config.omniauth :facebook, "APP_ID", "APP_SECRET", callback_url: "CALLBACK_URL"
Now when I am on my url if I click on sign up with facebook link I arrive on facebook login page (as I am logged out from facebook) and when I clcik login I am redirected to this:
What is wrong?
Thanks for your help :)
here are my logs
at=info method=GET path="/users/auth/facebook/callback?code=AQBSQ125f8npBttjqtAZ4uN9M2-u_DaHqMdp2LJadvBUESXOP_u7q-OL_U0XDlrk836GuXu63OPXAerDTsG7xwgXSg93VgSEMxjs-L733DCsQ1zpoPBMxUgGIQLFb3QxQIqU544ymZuNsDEhdofUj58hrcjOOpg9fEZjQb3lvZqCd34mPt2MVPjQJJAMoe1Vo5n0Y1ozyhYjpSH2DfKTHsmK38ba_7TD8I48M47g0rItI55vvLkrogHLnpgf_NlHjgeHMXldPzsKgEybRM2ouR8S6zKNLsWRJlQ_TbJe_sYuRU85WNoJeAlRrHW-iiw1N4XHIxO2W-JTMG71jwqelSjrPM6c1kPzJbNu-zxjo1vNpQ&state=8a8f36fdd32be2f5931f05ac9176c6f5f5412ef9a8f84eeb" host=duclostutos.herokuapp.com request_id=7968a919-2170-4030-8a32-87d64299e5bf fwd="92.171.113.21" dyno=web.1 connect=0ms service=939ms status=404 bytes=1829
I could have a problem with my routes....
Rails.application.routes.draw do
devise_for :users, only: :omniauth_callbacks, controllers: {omniauth_callbacks: 'users/omniauth_callbacks'}
scope ":locale", locale: /#{I18n.available_locales.join("|")}/ do
get "/best_voted", to: "tutos#best_voted"
resources :tutos
namespace :users do
resources :tutos
end
resources :tutos, only: [:show]
resources :tutos do
member do
put "like", to: "tutos#upvote"
end
end
as :user do
get "/register", to: "devise/registrations#new", as: :register
get "/login", to: "devise/sessions#new", as: :login
get "/logout", to: "devise/sessions#destroy", as: :logout
get "/account", to: "users#show", as: :account
get "/login" , to: "devise/sessions#new", as: :new_user_session
post "/login" , to: "devise/sessions#create", as: :user_session
delete "/logout" , to: "devise/sessions#destroy", as: :destroy_user_session
end
devise_for :users, skip: [:sessions, :omniauth_callbacks]
resources :users
root "home#landing"
end
get '*path', to: redirect("/#{I18n.default_locale}/%{path}")
get '', to: redirect("/#{I18n.default_locale}")
end
You set the omniauth callbacks routes with this line
devise_for :users, only: :omniauth_callbacks, controllers: {omniauth_callbacks: 'users/omniauth_callbacks'}
You are overwriting your devise_for :users routes with this line.
devise_for :users, skip: [:sessions, :omniauth_callbacks]
Removing the callback routes.
In your terminal run rake:routes To see a full list of routes for your application.
Related
I have a app using devise to login/out, and view/create profiles. As of yet users may create and delete profiles although there is only supposed to be one profile per user. I have set up my routes just about without problems until comes the SignOut/LogOut from the whole app. Ultimately the error log is all I can decipher, and seems that routes.rb needs some modification for this to work, but I am stumped. Here are the errors and routes.rb:
/log/production.log:
Started DELETE "/users/sign_out" for 127.0.0.1 at 2020-01-26 01:56:53 -0500
ActionController::RoutingError (No route matches [DELETE] "/users/sign_out"):
routes.rb
Rails.application.routes.draw do
devise_for :users, :controllers => {:sessions => "users/sessions" }
resources :profiles, only: [:new, :create, :edit, :update, :destroy]
devise_scope :user do
authenticated :user do
root to: 'profiles#index', as: :authenticated_root
get '/profiles/new' => 'profiles#new'
match '/profiles' => 'profiles#create', via: [:get, :post]
get '/profiles/:id' => 'profiles#show'
get '/profiles/:id/edit' => 'profiles#edit'
match '/profiles/:id' => 'profiles#update', via: [:get, :post]
delete '/profiles' => 'profiles#destroy', via: [:get, :post]
end
unauthenticated :user do
root to: 'devise/sessions#new', as: :unauthenticated_root
match '/users/sign_in' => 'devise/sessions#create', via: [:get, :post]
delete '/users/sign_out' => 'devise/sessions#destroy'
end
end
end
I read that using resources :users may affect devise sessions controller, in that I would need a UsersController, however haven't included resources :users in my routes, and/or for a similar error.
You placed the sign-out route in the unauthenticated block in your routes.rb
unauthenticated :user do
# ..
delete '/users/sign_out' => 'devise/sessions#destroy'
end
What doesn't makes sense, only authenticated users can sign out. Just move that method into the authenticated :user block above:
authenticated :user do
# ..
delete '/users/sign_out' => 'devise/sessions#destroy'
end
My app has "users" for the main app and "admin_users" and the /admin Namespace.
When I'm logged into the /admin Namespace as an admin_user, and click "log out" - Devise logs me out of both Namespaces. How can I ensure that Devise only logs me out of that Namespace?
Routes.rb
devise_for :users, skip: :all
as :user do
get 'signin', to: 'devise/sessions#new', as: :new_user_session
post 'signin', to: 'devise/sessions#create', as: :user_session
delete 'signout', to: 'devise/sessions#destroy', as: :destroy_user_session
end
devise_for :admins, skip: :all
as :admin do
get 'admin/signin', to: 'admin/devise/sessions#new', as: :new_admin_session
post 'admin/signin', to: 'admin/devise/sessions#create', as: :admin_session
delete 'admin/signout', to: 'admin/devise/sessions#destroy', as: :destroy_admin_session
end
authenticate :admin do
namespace :admin do
...
end
end
set config.sign_out_all_scopes = false in config/initializers/devise.rb.
# Set this configuration to false if you want /users/sign_out to sign out
# only the current scope. By default, Devise signs out all scopes.
config.sign_out_all_scopes = false
Locally my password reset through 'forget password' link works fine. In production I receive the mail but it states that the route is not there. I however resources :password_resets in my routes?
Full routes
Rails.application.routes.draw do
get 'password_resets/new'
devise_for :users, controllers: { registrations: "registrations" }
root to: 'pages#home'
resources :companies, except: :index do
resources :messages
member do
put "like" => "companies#upvote"
put "unlike" => "companies#downvote"
end
end
resources :messages, only: [:index, :show]
resources :contacts, only: [:new, :create]
resources :password_resets
get '/profile', to: "users#profile", as: :profile
get '/show', to: "users#show", as: :show
get '/overview', to: "companies#overview", as: :overview
get '/about', to: "pages#about"
get '/how-does-it-work', to: "pages#how_does_it_work"
# mount using default path: /email_processor
mount_griddler
get '/send-messages', to: "messages#send_messages", as: :sendmessages
delete 'avatar' => 'users#delete_avatar', as: :delete_avatar
# Terms of Service and Privacy Policy
get '/terms-of-service', to: "pages#terms_of_service"
get '/privacy-policy', to: "pages#privacy_policy"
get '/cookies', to: "pages#cookies"
get '/companies', to: "userselections#select", as: :select
# --- User selections routes ---
get '/user_selections', to: "userselections#select", as: :user_selections
post '/user_selections', to: "userselections#create", as: :new_user_selections
delete '/user_selections/:id', to: "userselections#destroy", as: :destroy_user_selections
end
Error I get on our staging
No route matches [GET] "/password_resets/ubVUvWvkqG60kU1S5jTvuw/edit"
I have put login and signup in one page and every thing works fine except when I encounter errors. Then the page redirects to their default pages and show errors there. In my case the login redirects me to the default domain.com/users/sign_in , but signup redirects me to domain.com/users.
routes.rb
Rails.application.routes.draw do
root 'visitor#index'
namespace :admin do
# get "/stats" => "stats#stats"
devise_scope :admin_user do
get '/stats/:scope' => 'stats#stats', as: :admin_stats
end
end
devise_for :admin_users, ActiveAdmin::Devise.config
ActiveAdmin.routes(self)
namespace :client do
get 'dashboard' => 'dashboard#index', as: 'dashboard'
# resources :verification, only: [:create, :index, :destroy]
get 'verification' => 'verification#index', as: 'verification'
match 'verification' => 'verification#upload', as: 'verification_upload', via: [:post, :patch]
end
devise_for :users, class_name: 'FormUser', controllers: { omniauth_callbacks: 'omniauth_callbacks', registrations: 'registrations' }
# devise_scope :user do
# root to: 'devise/registrations#new'
# end
end
you can use a CustomFailure class to control where the redirect goes if Devise fails to authenticate.
It's explained at this wiki page...
https://github.com/plataformatec/devise/wiki/How-To:-Redirect-to-a-specific-page-when-the-user-can-not-be-authenticated
I would like to make the homepage for an app (ie landing page) display a registration page. Unless the user is logged in - in which case they just find the "statuses" page.
Here are what I believe are the two relevant excerpts:
as :user do
get '/register', to: 'devise/registrations#new', as: :register
get '/login', to: 'devise/sessions#new', as: :login
get '/logout', to: 'devise/sessions#destroy', as: :logout
end
[...]
resources :statuses
get 'feed', to: 'statuses#index', as: :feed
root to: 'statuses#index'
Basically, I'm trying to get these two pages to swap their routes and route names. Unless, as mentioned, if someone is already signed in, then the landing page is the statuses page.
I only know a bit about this sort of thing, such as "get," and the URL aspects. If anyone could provide guidance, I'd be much obliged.
Here's the routes.rb file:
Treebook::Application.routes.draw do
resources :activities, only: [:index]
as :user do
get '/register', to: 'devise/registrations#new', as: :register
get '/login', to: 'devise/sessions#new', as: :login
get '/logout', to: 'devise/sessions#destroy', as: :logout
end
devise_for :users, skip: [:sessions]
as :user do
get "/login" => 'devise/sessions#new', as: :new_user_session
post "/login" => 'devise/sessions#create', as: :user_session
delete "/logout" => 'devise/sessions#destroy', as: :destroy_user_session
end
resources :user_friendships do
member do
put :accept
put :block
end
end
resources :statuses
get 'feed', to: 'statuses#index', as: :feed
root to: 'statuses#index'
scope ":profile_name" do
resources :albums do
resources :pictures
end
end
get '/:id', to: 'profiles#show', as: 'profile'
end
Why not just send the user to the statuses page, and redirect all users who are not signed in to the sign in?
class StatusesController
before_action :authorize!, only: :index
def index
#...
end
def authorize! # I believe this method is provided by devise
unless signed_in?
redirect_to new_user_session_path
end
end
end
# config/routes.rb
root 'statuses#index'