我正在用facebook和devise实现oauth登录,当从接受应用程序(弹出窗口)返回时,我收到以下错误:
无法通过Facebook验证您,因为"Csrf已检测到".
这是日志:
在2014-01-23 23:59:58开始GET"/ users/auth/facebook/callback"为127.0.0.1 +0100 ActiveRecord :: SchemaMigration Load(0.3ms)SELECT"schema_migrations".*FROM"schema_migrations"(facebook )回调阶段已启动.(脸谱)认证失败!csrf_detected:OmniAuth :: Strategies :: OAuth2 :: CallbackError,csrf_detected | CSRF检测到
我的用户模型
class User < ActiveRecord::Base
devise :token_authenticatable, :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :confirmable,
:omniauthable, :omniauth_providers => [:facebook]
before_save :ensure_authentication_token
has_one :user_settings
has_many :predictions
has_many :user_leagues
has_many :leagues, through: :user_leagues # this wasn't working, solution found: http://stackoverflow.com/questions/1781202/could-not-find-the-association-problem-in-rails
valid_email_regex = /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\z/i
validates :email, format: { with: valid_email_regex }
validates :firstName, :lastName, :username, presence:true
acts_as_voter
def self.find_for_facebook_oauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
user.provider …