I have been trying to authenticate users using twitter-omniauth gem for last days, yet not successful. (Authentication with facebook works perfectly)
I'm keep getting 401 Unauthorized error.
I search through stackoverflow, but none of the answers could solve my problem.
I reach the twitter login when I try http://127.0.0.1/users/auth/twitter. I login and I'm redirected to http://127.0.0.1/users/auth/twitter/callback and unauthorized error comes.
Below callback url I have entered in twitter
http://127.0.0.1/users/auth/twitter/callback
rake routes output
new_user_session GET /users/sign_in(.:format) {:action=>"new", :controller=>"devise/sessions"}
user_session POST /users/sign_in(.:format) {:action=>"create", :controller=>"devise/sessions"}
destroy_user_session DELETE /users/sign_out(.:format) {:action=>"destroy", :controller=>"devise/sessions"}
user_omniauth_callback /users/auth/:action/callback(.:format) {:action=>/twitter|facebook/, :controller=>"users/omniauth_callbacks"}
user_password POST /users/password(.:format) {:action=>"create", :controller=>"devise/passwords"}
new_user_password GET /users/password/new(.:format) {:action=>"new", :controller=>"devise/passwords"}
edit_user_password GET /users/password/edit(.:format) {:action=>"edit", :controller=>"devise/passwords"}
PUT /users/password(.:format) {:action=>"update", :controller=>"devise/passwords"}
cancel_user_registration GET /users/cancel(.:format) {:action=>"cancel", :controller=>"devise/registrations"}
user_registration POST /users(.:format) {:action=>"create", :controller=>"devise/registrations"}
new_user_registration GET /users/sign_up(.:format) {:action=>"new", :controller=>"devise/registrations"}
edit_user_registration GET /users/edit(.:format) {:action=>"edit", :controller=>"devise/registrations"}
PUT /users(.:format) {:action=>"update", :controller=>"devise/registrations"}
DELETE /users(.:format) {:action=>"destroy", :controller=>"devise/registrations"}
login /login(.:format) {:action=>"login", :controller=>"home"}
root / {:controller=>"home", :action=>"index"}
If you need anymore info, I'll provide. Please help me to solve this.
I had this issue today and found that I had to set a callback URL in the settings at dev.twitter.com under my application. So check that you have set a callback URL settings, I set it to my intended production address and when running in dev mode locally it redirected fine.
It mentions under the callback url input box that if left blank it will restrict the app from using callback urls.
I'm pretty sure I ran into issues with this when it was coming from localhost...
This article says they allow it, but if memory serves me correctly, I had to use an externally accessible URL. When I was testing my oauth stuff, I used DynDns and opened a port in my router.
In my case I used "Access Token" and secret instead of "Consumer Key" caused this error.
In my case, we were using the Timecop gem and it was causing the omniauth-twitter gem to fail because of a conflict with the local server time being set by timecop.
I ran into this issue because I had put my keys in my environment in ~/.bash_profile, but i never sourced it. Once i opened a new terminal it worked fine.
Apparently Twitter added a checkbox on the App Settings tab.
At the bottom of the "Application details" pane, you have to check the box saying "Allow this application to be used to Sign in with Twitter".
After checking it and waiting a few minutes as the alert box is telling me it all began to work.
Related
I've just updated Omniauth from 0.2.6 to 1.1.1 in order to use the developer strategy. I've made my login link point to /auth/developer if the environment is development and /auth/facebook if production.
The Facebook strategy still works. When using the developer strategy, the link goes to the built-in Omniauth sign in page but returns a 404 when clicking sign in. This model does not use Devise.
Routes file
get "/auth/:provider/callback" => "sessions#create"
.
.
.
get '*a', :to => 'errors#routing'
Omniauth initializer
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, [etc.]
provider :developer if Rails.env.development?
end
Log
Started GET "/auth/developer" for 127.0.0.1 at 2012-12-19 16:23:04 +0200
Started POST "/auth/developer/callback" for 127.0.0.1 at 2012-12-19 16:23:10 +0200
ActionController::RoutingError (No route matches "/auth/developer/callback")
Ran into this today in a new rails 4 application, I'm currently using this route as a workaround:
match '/auth/:provider/callback', to: "sessions#create", via: [:get, :post]
I am new to rails and I am writing some tests using Capybara and cucumber.
Scenario: Successful login
Given a user "admin#adm.com" with password "admin123"
And I am on the sign in page
Given /^I am on the sign in page$/ do |page_name|
visit('/users/sign_in')
save_and_open_page
end
I am having trouble figuring out a way to write a named path instead of the '/users/sign_in' url.
How can I figure it out?
The way to do this is,
Go to the project root directory and run
rake routes
This will give a list of all the requests handled by rails as follows:
new_user_session GET /users/sign_in(.:format) devise/sessions#new
user_session POST /users/sign_in(.:format) devise/sessions#create
destroy_user_session DELETE /users/sign_out(.:format) devise/sessions#destroy
So looking at the first column above, we see the "new_user_session"
This can be written as new_user_session_path and placed in visit() as:
visit(new_user_session_path)
And (as far as I know) it works just fine :)
I have a Rails 3.2 app with Devise for authenticating users.
On local development mode, the Sign-out link is not working. It redirects me to home page instead of showing Sign-in page and the session is not destroyed. But on Heroku, clicking on Sign-out link properly logs me out and shows me the Sign-in page destroying the user session.
In application .haml layout page, the link to Sign-out page is:
= link_to "Sign Out", destroy_user_session_path, :method => :delete
Related routes:
devise_for :users, :controllers => { :sessions => 'sessions' }
new_user_session GET /users/sign_in(.:format) sessions#new
user_session POST /users/sign_in(.:format) sessions#create
destroy_user_session DELETE /users/sign_out(.:format) sessions#destroy
I have inherited the Devise::SessionsController to SessionsController in my app as below:
class SessionsController < Devise::SessionsController
layout 'devise_layout'
end
Now the weird case is that, after the session is expired which is default 30 minutes, I log in again and click on Sign-out link, it redirects me back to Sign-in page.
All works fine on Heroku, it fails on local. I am unable to figure it out what is happening on local.
I don't think I am doing anything wrong here because same is deployed to Heroku and is working fine there. What's wrong with development mode on local?
Oops...answering late.
Anyway, I was able to figure out the issue. Actually the app is subdomain based. So I used lvh.me:3000 for testing on local as localhost:3000 doesnt support subdomain.
The workaround is to set subdomain as "lvh.me" in session_store.rb.
domain: 'lvh.me'
I'm facing a weird problem.
I followed this tutorial : https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
It works perfectly with the exact same code on my local machine (with modification on APP_ID and SECRET).
But when I test it on another server, I cant get logged in with Facebook informations...
I click on the link (<%= link_to 'register with fb', user_omniauth_authorize_path(:facebook) %>) then I'm redirected well to Facebook which asks me if I allow the app and finally I get redirected to my site.
But I'm redirected to /user/sign_in ! And no record with the user retrieved from Facebook is created.
The log gives me :
Started GET "/users/auth/facebook" for 192.168.1.254 at 2011-07-25 19:06:11 +0400
Started GET "/users/auth/facebook/callback?code=grV09GQr[...]BbcM-mxklOu5E"
for 192.168.1.254 at 2011-07-25 19:06:12 +0400 Processing by
Users::OmniauthCallbacksController#failure as HTML Parameters:
{"code"=>"grV09GQrqjDepasyQpVhqSg0FINlr4h9[...]sSUooMrBRxBbcM-mxklOu5E"}
Redirected to http://mysite.com/users/sign_in Completed 302 Found in
1ms
Someone has an idea ?
Many Thanks
You are getting the sign-in page because this is the default behavior for the omniauth gem when an error occurs from facebook. You are getting rejected from facebook. If you were to decode the code in the returned URL, you might be able to figure out the reason. It would be helpful if the error handler did that.
With facebook connect you must put the url of your website in the facebook configuration. It is the canvas URL or web site url/domain in the configuration. If you don't have this set correctly, then facebook will reject your return request.
Devise 1.2 ruby on rails
I'm having difficulty testing sign up. When the user clicks sign up, they're logged in and i should see a flash message. This works but my test fails. Not sure why. How does sign up work? is there some sort of internal redirect that happens? This step fails:
Then I should see "You have registered successfully. If enabled, a confirmation was sent your e-mail."
Confirmation is not enabled in my user model.
Tehcnically, you shouldn't feel the need to unit test the devise mechanism--the gem itself is well-tested. I can understand wanting to make sure it is behaving the way you configured it though, so:
Devise definitely redirects after a successful authentication. It will set the flash message and then redirect either to what you set as the root in your routes file, or if you attempted to access a page within the site and got redirected to the login page, it will redirect you back to the page you were trying to access.
For your test, try testing that you get redirected to what you set as root in your routes.rb fil. I.e. in the devise instructions, it says to set it like
root :to => "home#index"
So, in your test try something like this:
require 'spec_helper'
describe YourController do
include Devise::TestHelpers
before (:each) do
#user = Factory.create(:user)
sign_in #user
end
describe "GET 'index'" do
it "should be successful" do
get 'index'
response.should be_success
end
it "should redirect to root" do
get 'index'
response.should redirect_to(root_url)
end
end
You can add your flash message test to this as well. Hope this helps!