1. 首頁
  2. 問答
  3. 用Twitter登錄的Cookie溢出

用Twitter登錄的Cookie溢出

2013-06-27 57 views
2

當我嘗試在我的網站上使用Twitter登錄時,我遇到了一種錯誤。用Twitter登錄的Cookie溢出

ActionDispatch::Cookies::CookieOverflow in Users::OmniauthCallbacksController#twitter 

ActionDispatch::Cookies::CookieOverflow

我找不到解決方案,這是我使用的代碼。

omniauth_callbacks_controller.rb

def twitter 
@user = User.find_for_provider_oauth(request.env["omniauth.auth"], current_user) 

if @user.persisted? 
    sign_in_and_redirect @user, :event => :authentication 
    set_flash_message(:notice, :success, :kind => "twitter") if is_navigational_format? 
else 
    session["devise.twitter_data"] = request.env["omniauth.auth"] 
    redirect_to new_user_registration_url 
end

devise.rb

require "omniauth-twitter" 


config.omniauth :twitter, 'xxxxxxx', 'xxxxxxxxxxxk', :strategy_class => OmniAuth::Strategies::Twitter

user.rb

def self.from_omniauth(auth) 
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user| 
    user.provider = auth.provider 
    user.uid = auth.uid 
    user.name = auth.info.name 
    user.oauth_token = auth.credentials.token 
    user.oauth_expires_at = Time.at(auth.credentials.expires_at) 
    user.save! 
end 

def self.find_for_provider_oauth(auth, signed_in_resource=nil) 
user = User.where(:provider => auth.provider, :uid => auth.uid).first 
unless user 
    user = User.create(name:auth.extra.raw_info.name, 
        provider:auth.provider, 
        uid:auth.uid, 
        email:auth.info.email, 
        password:Devise.friendly_token[0,20], 
        invite_code:"42TXP" 
        ) 
end 
user

來源

2013-06-27 Gauthier

回答

5

它是WHA你把它放在會話的其他部分保存

session["devise.twitter_data"] = request.env["omniauth.auth"]

它可能對於cookie來說太大了。 您應該將該信息保存在其他地方。或者不要保留它。

來源

2013-06-27 13:56:41 yannick

1

我最近在遵循https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview中的方法後出現了類似的問題,希望這可以幫到你。

代替

在OmniauthCallbacksController,:

@user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)

我用:

@user = User.find_for_facebook_oauth(request.env["omniauth.auth"].provider, request.env["omniauth.auth"].uid, request.env["omniauth.auth"].extra.raw_info.name, request.env["omniauth.auth"].info.email, current_user)

在用戶模式:

def self.find_for_facebook_oauth(provider, uid, name, email, signed_in_resource=nil) 
user = User.where(:provider => provider, :uid => uid).first 
unless user 
    user = User.create(:name => name, 
        :provider => provider, 
        :uid => uid, 
        :email => email, 
        :password => Devise.friendly_token[0,20] 
        ) 

    end 
    return user 
end

而且在OmniauthCallbacksController確保你避免使用要求。 env [「omniauth.auth」],請使用request.env [「omniauth.auth」] .id替代。

來源

2013-06-28 10:03:25 jeangali

5

用途:.except("extra")

session["devise.twitter_data"] = request.env["omniauth.auth"].except("extra")

它消除很大一部分來自簡直不需要cookie

來源

2015-05-16 14:27:37

相關問題

 相關問題