Rails devise keep user logged in - ruby-on-rails

I am using the Devise gem to authenticate users from Facebook OAuth. I use the following to create a user:
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
user
end
and then to login:
def facebook
  @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
  def after_sign_in_path_for(resource)
    return '/mypage'
  end
  if @user.persisted?
    flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
    sign_in_and_redirect @user, :event => :authentication
  else
    session["devise.facebook_data"] = request.env["omniauth.auth"]
    redirect_to new_user_registration_url
  end
end
However when the user visits the app after about 15 minutes of inactivity they will no longer be logged in. How can I increase this time? I don't seem to be getting anywhere currently.
If anyone could provide details of setting a cookie or something so that this will persist even when the browser is closed, that would be good too.
EDIT
Full user.rb
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:omniauthable
# Setup accessible (or protected) attributes for your model
attr_accessible :name, :provider, :uid, :email, :password, :password_confirmation, :remember_me
has_many :ratings
has_many :rated_recipes, :through => :ratings, :source => :recipes
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
user
end
end
EDIT:
So some of the advice below has got me somewhere. It all seems to work fine when you access the Rails app via the URL it is hosted at. However, as soon as you hit the Facebook app page the user no longer persists in any of the open tabs. I can't see why this would be.

Related

How to allow users login with both registered account and facebook account?

I used Devise to allow users to register and log in within the site. I also used omniauth-facebook to allow users to log in with their Facebook accounts. However, people who registered first with the same email as their Facebook email cannot log in with their Facebook account. I want to use both Facebook login and site registration.
This is my user.rb
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
user
end
end
And omniauth_callbacks_controller.rb
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
    if @user.persisted?
      sign_in_and_redirect @user, :event => :authentication # this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end
You can easily do this the following way:
Create another model called Authorization with the attributes:
provider:string, uid:string, user_id:integer
Now User would be associated with Authorization as follows:
class User
has_many :authorizations
...
end
Whenever a facebook login occurs, check with the authorizations model to see if a record is present. If not create it and link it to the user model (by searching by email id).
Get the proper user object and login with it.
Source: http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
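The lookup order this answer describes, as an added example in plain Ruby (not code from the answer or from Devise/OmniAuth). `IdentityResolver`, the in-memory `User`/`Authorization` structs and the `:email_verified` flag are assumptions made for illustration; the flag stands for whatever evidence the application has that the provider confirmed the address, because linking by email alone signs a provider account into any local account sharing that address.

```ruby
# In-memory stand-ins for the ActiveRecord models (assumption, not Rails code).
Authorization = Struct.new(:provider, :uid)
User = Struct.new(:email, :authorizations)

class IdentityResolver
  def initialize(users = [])
    @users = users
  end

  # auth: hash shaped like the OmniAuth auth hash; :email_verified is a
  # hypothetical flag the application derives from the provider's response.
  # Returns [status, user]; status is :signed_in, :linked, :created
  # or :needs_registration.
  def resolve(auth)
    provider, uid = auth[:provider], auth[:uid]
    email = auth.dig(:info, :email)

    # 1. An existing (provider, uid) link always wins.
    owner = @users.find do |u|
      u.authorizations.any? { |a| a.provider == provider && a.uid == uid }
    end
    return [:signed_in, owner] if owner

    # 2. No email in the auth hash: nothing to match on, ask the user.
    return [:needs_registration, nil] if email.nil? || email.strip.empty?

    existing = @users.find { |u| u.email.casecmp?(email) }
    if existing
      # 3. Link to a registered account only when the provider vouches for
      #    the address; an unverified match must not sign anyone in.
      return [:needs_registration, nil] unless auth[:email_verified]
      link(existing, provider, uid)
      return [:linked, existing]
    end

    # 4. First visit: create the user together with its link.
    user = User.new(email, [])
    link(user, provider, uid)
    @users << user
    [:created, user]
  end

  private

  def link(user, provider, uid)
    user.authorizations << Authorization.new(provider, uid)
  end
end
```
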
I asked the question and just found a way out based on matrixtheone's answer (really great help) and this blog.
http://www.orhancanceylan.com/rails-twitter-and-facebook-authentications-with-omniauth-and-devise/
Here is the code. If there is something wrong, please figure it out
def facebook
omni = request.env["omniauth.auth"]
authentication = Authentication.find_by_provider_and_uid(omni['provider'],omni['uid'])
if authentication
flash[:notice] = "Logged in Successfully"
sign_in_and_redirect User.find(authentication.user_id)
elsif user = User.find_by(email: omni['extra']['raw_info'].email)
user.authentications.create!(provider:omni['provider'],
uid:omni['uid'])
flash[:notice] = "Authentication for registered user is successful"
sign_in_and_redirect user
else
user = User.new
user.password = Devise.friendly_token[0,20]
user.email = omni['extra']['raw_info'].email
user.authentications.build(provider:omni['provider'],
uid:omni['uid'])
if user.save
flash[:notice] = "Logged in."
sign_in_and_redirect User.find(user.id)
else
session[:omniauth] = omni.except('extra')
redirect_to new_user_registration_path
end
end
end
You can add a custom validation for the email field in user model like
email_regex = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
validates :email, :presence =>{:message => "An email address must be entered."},
:format => { :with => email_regex , :message => "The email address is not valid." },
:uniqueness => { :case_sensitive => false, :message => "The email address is already used."}

Omniauth redirect

So I've got Omniauth with Twitter validation functioning at about 95%; in other words, it's almost fully functional. When clicking the | Sign-In with Twitter | button on my app, it redirects me to Twitter, where I am then prompted to enter my Twitter credentials, and then redirected back to the app.
However, instead of logging me in after the Twitter auth process I get the following error on the Sign-in page:
1 error prohibited this user from being saved:
Email can't be blank
How can I get Omniauth to re-direct me to the logged in page in my case the /posts page? And why is it producing such an error, when Omniauth is supposed to authorize me via Twitter validation?
User model:
class User < ActiveRecord::Base
has_many :authentications
# Include default devise modules. Others available are:
# :token_authenticatable, :lockable, :timeoutable and :activatable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation
# attr_accessible :title, :body
def apply_omniauth(omniauth)
self.email = omniauth['info']['email'] if email.blank?
authentications.build(:provider => omniauth['provider'], :uid => omniauth['uid'])
end
def password_required?
(authentications.empty? || !password.blank?) && super
end
end
Authentications Controller:
class AuthenticationsController < ApplicationController
def create
omniauth = request.env["omniauth.auth"]
authentication = Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid'])
if authentication
flash[:notice] = "Signed in successfully."
sign_in_and_redirect(:user, authentication.user)
elsif current_user
current_user.authentications.create!(:provider => omniauth['provider'], :uid => omniauth['uid'])
flash[:notice] = "Authentication successful."
redirect_to authentications_url
else
user = User.new
user.apply_omniauth(omniauth)
if user.save
flash[:notice] = "Signed in successfully."
sign_in_and_redirect(:user, user)
else
session[:omniauth] = omniauth.except('extra')
redirect_to new_user_registration_url
end
end
end
end
Registrations Controller:
class RegistrationsController < Devise::RegistrationsController
  def create
    super
    session[:omniauth] = nil unless @user.new_record?
  end
  private
  def build_resource(*args)
    super
    if session[:omniauth]
      @user.apply_omniauth(session[:omniauth])
      @user.valid?
    end
  end
end
I just remembered: the reason is actually simple. Twitter doesn't return an email in the OmniAuth request, so it redirects you to the new user registration page and you have to fill in your email.
https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
furthermore this could be of help
Skip email validation for omniauth-twitter on devise 2.0

Rails omniauth and devise trouble with vk

I'm going to implement Facebook and VKontakte login (registering) for my Rails app. With Facebook all is OK (login and registering work), done as in the manual here.
But with VKontakte something is wrong; I still get an "empty" page.
here is my code:
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
    if @user.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
      sign_in_and_redirect @user, :event => :authentication
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
  def vkontakte
    @user = User.find_for_vkontakte_oauth(request.env["omniauth.auth"], current_user)
    if @user.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Vkontakte"
      sign_in_and_redirect @user, :event => :authentication
    else
      session["devise.vkontakte_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end
And model:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:token_authenticatable, :lockable, :timeoutable, :omniauthable #:confirmable,
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :password, :password_confirmation, :remember_me, :provider, :uid, :name
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
user
end
def self.new_with_session(params, session)
super.tap do |user|
if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
user.email = data["email"] if user.email.blank?
end
if data = session["devise.vkontakte_data"] && session["devise.vkontakte_data"]["extra"]["raw_info"]
user.email = data["email"] if user.email.blank?
end
end
end
def self.find_for_vkontakte_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create(name:auth.info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.extra.raw_info.domain+'@vk.com',
password:Devise.friendly_token[0,20]
)
end
user
end
What's wrong?
Have you tried omniauth railscasts made by Ryan Bates ?
http://railscasts.com/episodes/360-facebook-authentication - here is for facebook
http://railscasts.com/episodes/235-omniauth-part-1
http://railscasts.com/episodes/236-omniauth-part-2
These are for authentication from different social networks. I've started working with the VK API, so if you have problems with the implementation of these railscasts, tell me.
Check whether your server host is the same as the one registered in VK. For development, you may edit /etc/hosts and access your site via this host.
Example: site is inmyhouse.su
/etc/hosts: 127.0.1.1 local.inmyhouse.su

NoMethodError (undefined method `persisted?' for nil:NilClass):

NoMethodError (undefined method `persisted?' for nil:NilClass):
This is the error I get when trying to use Omniauth with Devise. I am able to sign up for the site with Facebook, but once I log out and try to log back in I get the
NoMethodError (undefined method `persisted?' for nil:NilClass):
class Models::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @model = Model.find_for_facebook_oauth(request.env["omniauth.auth"], current_model)
    if @model.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
      sign_in_and_redirect @model, :event => :authentication
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_model_registration_url
    end
  end
  def passthru
    render :file => "#{Rails.root}/public/404.html", :status => 404, :layout => false
    # Or alternatively,
    # raise ActionController::RoutingError.new('Not Found')
  end
end
model.rb
class Model < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :confirmable,
# :lockable, :timeoutable and
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
# Setup accessible (or protected) attributes for your model
attr_accessible :name, :email, :password, :password_confirmation, :remember_me, :provider, :uid
# attr_accessible :title, :body
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
model = Model.where(:provider => auth.provider, :uid => auth.uid).first
unless model
model = Model.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
end
def self.new_with_session(params, session)
super.tap do |model|
if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
model.email = data["email"] if model.email.blank?
end
end
end
end
Your find_for_facebook_oauth method is implicitly returning nil in cases where a model is found. You should explicitly return the model if it is found instead.
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
model = Model.where(:provider => auth.provider, :uid => auth.uid).first
return model if model
model = Model.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
model = Model.where(:provider => auth.provider, :uid => auth.uid).first
unless model
model = Model.create(name:auth.extra.raw_info.name,
provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
model #Add this here
end

Devise skip_confirmation! fails to avoid to send the confirmation instructions

My app is set up so that if a user signs in with Oauth or Openid, they don't have to confirm their email address. However, Devise is still sending email confirmations. When I call User.skip_confirmation! I get an undefined method error. My model:
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :recoverable, :rememberable,
:trackable, :validatable, :confirmable, :lockable, :token_authenticatable, :omniauthable
attr_accessible :username, :email, :password, :password_confirmation, :remember_me
validates_presence_of :username
validates_uniqueness_of :username, :case_sensitive => false
def self.find_for_facebook_oauth(access_token, signed_in_resource=nil)
data = access_token.extra.raw_info
if user = User.where(:email => data.email).first
user
else
#User.skip_confirmation!
User.create!(:username => data.name, :email => data.email, :password => Devise.friendly_token[0,20])
end
end
def skip_confirmation!
self.confirmed_at = Time.now
end
end
My Controller:
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
    @user.skip_confirmation!
    if @user.persisted?
      sign_in @user
      @fname = @user.username
      redirect_to root_path, :flash => { :success => "Welcome #{@fname}!" }
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end
thanks for any help.
You need to skip confirmation before you create the User object and it's persisted to the database. So the user creation part of your method would look like:
user = User.new(:username => data.name, :email => data.email, :password => Devise.friendly_token[0,20])
user.skip_confirmation!
user.save
If you're updating a user record, make sure to use skip_reconfirmation! (mind the re)
