Ruby on Rails:Authlogic Facebook 集成:将帐户与用户输入链接起来,而不是自动使用电子邮件地址

发布于 2024-10-08 13:10:21 字数 668 浏览 8 评论 0原文

我正在使用 Ruby on Rails 开发一个 Web 应用程序。我正在使用 authlogic 进行身份验证。我的网站有自己的登录信息,但我希望也使用 Facebook。我尝试了 authlogic_facebook_connect (使用 Facebooker)。经过很多麻烦之后(文档还没有真正完全跟上),我确实让 authlogic_facebook_connect 开始工作,而且没问题。当我面对以前从未使用过该网站的用户时,默认的“连接”行为非常有效,但它会导致使用不同电子邮件地址访问 Facebook 和我的网站的用户进行大量重复登录。这就是我想要的:

当用户点击 Facebook“连接”按钮时(并且在完成单击“允许”的 Facebook 身份验证步骤后),我希望弹出一个框,询问用户是否要连接到预连接- 我网站上的现有帐户,或者他们是否希望自动为其生成帐户。

如果他们希望自动为他们生成它,我们很好,我们会照常进行,但如果 - 另一方面 - 他们想要将他们的 Facebook 帐户链接到我网站上的帐户,我实际上希望他们进入他们的本地凭据并找到正确的帐户。换句话说,我希望我的解决方案自动找出哪个帐户看起来是正确的,我希望用户这样做。

是否有任何 gem/插件/快速 hack 可以让我使用 authlogic_facebook_connect 或 OAuth 或其他东西来完成这个任务?

——大卫

I'm developing a web app in Ruby on Rails. I'm using authlogic to do authentication. My site has its own logins, but I'm hoping to also use Facebook. I tried out authlogic_facebook_connect (using Facebooker). After a lot of hiccups (the docs haven't really been fully kept up), I did get authlogic_facebook_connect to work and it's OK. The default "connect" behavior works perfectly when I'm faced with users who have never used by site before, but it results in a lot of duplicate logins for people that are using different email addresses for Facebook and for my site. Here's what I want:

When the user hits the Facebook "Connect" button (and after they go through the Facebook auth step of clicking 'Allow'), I want a box to pop up asking the user if they want to connect to a pre-existing account on my site or if they want to have an account automatically generated for them.

If they want it automatically generated for them, we're good and we proceed as normal, but if -- on the other hand -- they want to link their Facebook account to an account on my site, I actually want them to enter in their local credentials and find the correct account. In other words, I do not want my solution to automatically figure out which account looks like the right one, I want the user to do this.

Is there any gem / plugin / quick hack that will allow me to pull this off either using authlogic_facebook_connect or OAuth or something else?

--David

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

给我一枪 2024-10-15 13:10:21

其他人也许能够为您指出完美的 gem,但我可以告诉您,我已经解决了类似的问题,并且基于 oauth2 gem 推出我们自己的问题并没有太多工作。

这是我使用的代码/流程的草图。

1) 用户点击“连接到 Facebook”,这会将您带到类似这样的操作

def to_facebook
    options = {
      :redirect_uri => facebook_callback_url,
      :scope => "email,publish_stream" # whatever you want to do
    }
    client = OAuth2::Client.new(FACEBOOK_API_KEY, FACEBOOK_API_SECRET, :site => FACEBOOK_API_SITE)

    redirect_to client.web_server.authorize_url(options)
end

2) 用户转到 facebook 并为您提供所需的所有访问权限,然后 facebook 调用您指定的回调 facebook_callback_url这应该将您带到这样的操作:

def facebook_callback
    client = OAuth2::Client.new(FACEBOOK_API_KEY, FACEBOOK_API_SECRET, :site => FACEBOOK_API_SITE)
    access_token = client.web_server.get_access_token(params[:code], :redirect_uri => facebook_callback_url)

    do_my_custom_user_association(access_token)
end

然后您可以在 do_my_custom_user_association 中指定您想要的任何内容,如果有人登录,您应该从 authlogic 获得一个 current_user ,因此您可以重定向到一个流程,让登录用户选择是否要合并到当前帐户或其他帐户。如果当前没有用户,您可以将他们发送到创建帐户流程,并附加一些 Facebook 数据。

请注意,这只是一个草图,需要处理一些错误情况(例如,如果 get_acccess_token 失败,facebook_callback 将被参数 error_reason 命中),我不推荐您在控制器中完成所有 oauth2 交互,但基本思想就在那里。

请参阅 http://developers.facebook.com/docs/authentication/ 如果有任何 oauth2互动没有意义。

Someone else may be able to point you at the perfect gem for this, but I can tell you that I've worked on a similar problem and it wasn't much work to roll our own, based on the oauth2 gem.

Here's a sketch of the code/flow I use.

1) User clicks on 'Connect to Facebook' and this sends you to an action like this

def to_facebook
    options = {
      :redirect_uri => facebook_callback_url,
      :scope => "email,publish_stream" # whatever you want to do
    }
    client = OAuth2::Client.new(FACEBOOK_API_KEY, FACEBOOK_API_SECRET, :site => FACEBOOK_API_SITE)

    redirect_to client.web_server.authorize_url(options)
end

2) User goes over to facebook and gives you all the access you want, then facebook calls the callback you specified facebook_callback_url which should take you to an action like this:

def facebook_callback
    client = OAuth2::Client.new(FACEBOOK_API_KEY, FACEBOOK_API_SECRET, :site => FACEBOOK_API_SITE)
    access_token = client.web_server.get_access_token(params[:code], :redirect_uri => facebook_callback_url)

    do_my_custom_user_association(access_token)
end

Then you can specify whatever you want in do_my_custom_user_association, you should have a current_user available from authlogic if someone is logged in, so you can redirect to a flow that lets the logged in user select if they want to merge into their current account or a different one. If there's no current user, you can send them to a create account flow, with some facebook data attached.

Note that this is just a sketch, there are error cases to handle (e.g. facebook_callback will be hit with the param error_reason if the get_acccess_token fails) and I'm not recommending you do all the oauth2 interaction right in your controller, but the basic idea is there.

See http://developers.facebook.com/docs/authentication/ if any of the oauth2 interactions don't make sense.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文