Devise/Omniauth - 如何处理不包含电子邮件的提供商

发布于 2025-01-07 12:53:19 字数 1115 浏览 7 评论 0原文

我有一个 Rails 应用程序，它使用 Devise 和 Omniauth 来处理身份验证。按照规定，我在omniauth_callbacks_controller中收到来自提供商的回调，我在其中检查身份验证是否已经存在，以及具有提供商提供的电子邮件的用户是否已经存在，如有必要，创建一个新用户。

我需要为每个用户提供一个有效的电子邮件。我的问题来自 Twitter 的回调。 Twitter 不为其用户提供电子邮件，因此我无法创建有效用户。为了解决这个问题，我将提供商的数据存储在会话中，并向用户发送新的注册页面，要求他们提交电子邮件地址，以便我可以创建有效的用户。当提交此表格时，我遇到了问题。该表单已创建一个新用户，但完全有可能具有该电子邮件的用户已经存在（在这种情况下，我需要向该用户添加身份验证）。

目前我正在检查是否已经存在与新用户具有相同电子邮件地址的用户。如果是这样，我将忽略新用户并将身份验证应用于已存在的用户。然而这感觉真的很hacky。

我应该怎么做？

class Users::RegistrationsController < Devise::RegistrationsController

def build_resource(*args)
    super
    if session[:omniauth]
      #If a user with this email already exists then use them instead
      existing_user = User.find_by_email(@user.email)
      if(existing_user)
          existing_user.email = @user.email
          @user = existing_user
      end
      #If there is a session available, we know it contains data for adding an authentication
      @user.apply_omniauth_data_as_authentication(session[:omniauth])
      #Ensure validations are passed on to next page
      @user.valid?
    end
  end

原文

I have a Rails app that uses Devise and Omniauth to handle authentications. As prescribed I am receiving callbacks from the providers in my omniauth_callbacks_controller, where I check if the authentication already exists, and whether a user with the email given by the provider already exists, creating a new user if necessary.

I need a valid email for each user. My problem comes with callbacks from Twitter. Twitter doesn't provide an email for its users, so I can't create a valid user. To solve this I store the provider's data in a session and I send the user the new registrations page, asking them to submit their email address so I can create a valid user. When this form is submitted I hit a problem. The form has created a new user, but it is perfectly possible that a user with that email already exists (in which case I would need to add the authentication to that user).

At the moment I am checking to see if a user with the same email as the new user already exists. If so, I am ignoring the new user and applying the authentication to the user that already exists. However this feels really hacky.

How should I be doing this?

class Users::RegistrationsController < Devise::RegistrationsController

def build_resource(*args)
    super
    if session[:omniauth]
      #If a user with this email already exists then use them instead
      existing_user = User.find_by_email(@user.email)
      if(existing_user)
          existing_user.email = @user.email
          @user = existing_user
      end
      #If there is a session available, we know it contains data for adding an authentication
      @user.apply_omniauth_data_as_authentication(session[:omniauth])
      #Ensure validations are passed on to next page
      @user.valid?
    end
  end

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

真心难拥有 2025-01-14 12:53:19

干得好。我会尝试记住我从哪里获得修复并发布链接（如果有）：

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  # This controller handles callbacks from Omniauth providers. If a user already exists with this provider we sign them in.
  # Otherwise we either add an authentication to the current user, or create a new user if one doesn't exist.

  def facebook
    authorize
  end

  def twitter
    authorize
  end

  private

    def authorize
      omniauth_data = request.env["omniauth.auth"]
      #Check to see if we have an authentication for this provider already stored for any User
      authentication = Authentication.find_by_provider_and_uid(omniauth_data['provider'], omniauth_data['uid'])
      #If an authentication already exists, sign the owning User in
      if authentication
        flash[:notice] = "Signed in successfully with " +  omniauth_data['provider'].titleize
        sign_in_and_redirect(:user, authentication.user)
      #Otherwise if there is a current User, add a new authentication for them
      elsif current_user
        current_user.authentications.create(:provider => omniauth_data['provider'], :uid => omniauth_data['uid'], :token => omniauth_data['token'])
        flash[:notice] = "Authentication successful"
        redirect_to user_profile_url
      #Otherwise we check if a user exists with the email address provided by the provider (if provided at all))
      else
        email = omniauth_data['info']['email']
        user = User.find_by_email(email)
        #If no user exists, create a new one
        if(!email || !user)
            user = User.new
        end
        user.apply_omniauth_data_as_authentication(omniauth_data)
        #If they save successfully (meaning we have enough data from the authorisation) sign them in
        if user.email?
          #We got all we needed from the provider so we don't need them to confirm'
          user.skip_confirmation!
          user.save!
          flash[:notice] = "Signed in successfully with " +  omniauth_data['provider']
          sign_in_and_redirect(:user, user)
        #Otherwise we need to have the visitor manually submit missing information
        else
          #save the omniauth data in a session so we can add the authentication once registration is complete
          flash[:alert] = "Please complete registration"
          session[:omniauth] = omniauth_data.except('extra')
          redirect_to new_user_registration_url
        end
      end
    end

end

Here you go. I'll try and remember where I got the fix from and post a link if I do:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  # This controller handles callbacks from Omniauth providers. If a user already exists with this provider we sign them in.
  # Otherwise we either add an authentication to the current user, or create a new user if one doesn't exist.

  def facebook
    authorize
  end

  def twitter
    authorize
  end

  private

    def authorize
      omniauth_data = request.env["omniauth.auth"]
      #Check to see if we have an authentication for this provider already stored for any User
      authentication = Authentication.find_by_provider_and_uid(omniauth_data['provider'], omniauth_data['uid'])
      #If an authentication already exists, sign the owning User in
      if authentication
        flash[:notice] = "Signed in successfully with " +  omniauth_data['provider'].titleize
        sign_in_and_redirect(:user, authentication.user)
      #Otherwise if there is a current User, add a new authentication for them
      elsif current_user
        current_user.authentications.create(:provider => omniauth_data['provider'], :uid => omniauth_data['uid'], :token => omniauth_data['token'])
        flash[:notice] = "Authentication successful"
        redirect_to user_profile_url
      #Otherwise we check if a user exists with the email address provided by the provider (if provided at all))
      else
        email = omniauth_data['info']['email']
        user = User.find_by_email(email)
        #If no user exists, create a new one
        if(!email || !user)
            user = User.new
        end
        user.apply_omniauth_data_as_authentication(omniauth_data)
        #If they save successfully (meaning we have enough data from the authorisation) sign them in
        if user.email?
          #We got all we needed from the provider so we don't need them to confirm'
          user.skip_confirmation!
          user.save!
          flash[:notice] = "Signed in successfully with " +  omniauth_data['provider']
          sign_in_and_redirect(:user, user)
        #Otherwise we need to have the visitor manually submit missing information
        else
          #save the omniauth data in a session so we can add the authentication once registration is complete
          flash[:alert] = "Please complete registration"
          session[:omniauth] = omniauth_data.except('extra')
          redirect_to new_user_registration_url
        end
      end
    end

end

回复收藏 0 原文