I've added the following in my config/routes.rb file:
match 'login' => 'sessions#new'
match 'logout' => 'sessions#destroy'
match 'auth/:provider/callback' => 'sessions#create'
match 'auth/failure' => 'sessions#new'
match 'sessions/delegate' => 'sessions#delegate'
This allows me to have my own custom login form that authenticates through OmniAuth and an OpenID provider in this case. The routes and the code works well, but I have a problem with writing functional tests for the SessionsController.
Testing the new action works well:
test "show login form when requesting new session" do
get :new
assert_response :success
end
But testing the create action gives me an exception: ActionController::RoutingError: No route matches {:controller=>"sessions", :action=>"create"}
The code is like this:
test "create session adds logged in user" do
request.env['rack.auth'] = {:uid => auths(:one).open_id, :provider => 'open_id'}
post :create
# assert that create action did it's things here
end
I've tried to replace the post with a get but the result is the same.
Why is the one action found, and not the other?
Presumably it's getting confused because you're not supplying the :provider key from the match pattern. You might find it clearer to specify names for these non-resourceful routes, like:
match 'auth/:provider/callback' => 'sessions#create', as: 'callback'
This will allow you to post callback_path(provider: whatever) in your test, I think :-)
Related
I'm working on a Rails-based API. I recently started attempting to version it. (I'm using the Versionist gem, in case it matters) One version ('v2') uses Devise and Omniauth to authenticate users through Facebook/Twitter.
I want all the routes associated with this version to have the appropriate version prefix (so users/:username/foo becomes v2/users/:username/foo, etc.), but I've already found out that putting devise_for inside the api_version block prevents the Devise helpers (current_user, user_signed_in?, etc.) from working, so it continues to live outside the block:
routes.rb:
devise_for :user, :path => '', :controllers => {:omniauth_callbacks => 'users/omniauth_callbacks'}, :skip => [:registrations, :confirmations, :sessions, :passwords]
api_version(:module => "V2", :path=>"v2") do
resources :authentications, :only => [:update, :destroy]
devise_scope :user do
post 'login' => 'sessions#create', :as => 'user_session'
get 'logout' => 'sessions#destroy'
post 'password' => 'devise/passwords#create'
put 'password' => 'devise/passwords#update'
end
end
Everything seemed great... except the Devise-generated omniauth routes:
rake routes output:
user_omniauth_authorize /auth/:provider(.:format)
user_omniauth_callback /auth/:action/callback(.:format)
Now, some google-fu revealed that there's a devise configuration setting for this, so I added the following to our devise initializer (config/initializers/devise.rb):
Devise.setup do |config|
config.omniauth_path_prefix = 'v2/auth'
end
Now, rake routes produces paths that look sensible:
user_omniauth_authorize /v2/auth/:provider(.:format) v2/users/omniauth_callbacks#passthru {:provider=>/(?!)/}
user_omniauth_callback /v2/auth/:action/callback(.:format) v2/users/omniauth_callbacks#(?-mix:(?!))
However, when I attempt to access this route by calling api.localhost/v2/auth/facebook, I get a routing error:
ActionController::RoutingError (No route matches [GET] "/v2/auth/facebook")
Any idea what's going on here?
You are missing the provider name in the routes so they don't match the facebook part in /v2/auth/facebook. The correct route destination should look something like v2/users/omniauth_callbacks#(?-mix:facebook).
Have you specified the provider in the user model?
devise_for ..., :omniauthable, :omniauth_providers => [:facebook]
For the record, I'm using Rails 3.2 and Devise 3.0 and the altered route seems to work (I haven't gone further yet to see if something else will break).
I'm playing with a test rails app. However I stumbled on a problem I can't resolve.
I've a users controller and in it there's an activate method.
In the routes.rb file I have
match 'activate/:email/:validation_code' => 'users#activate', :as => :activate_user, :via => :get
After that I try to use activate_user_path(#user) but a routing error is raised.
No route matches {:controller=>"users", :action=>"activate", :email=>#<User id: 12, email: "someone#test.test", validation_code: "zbBPLQUsBgPvEJfcjxmXuxFxuJAKEoqQNASkbybihpnmzSbhxdC...", active: false, created_at: "2011-11-10 14:56:23", updated_at: "2011-11-10 14:56:23">}
Running rake routes shows the routing is there:
activate_user GET /activate/:email/:validation_code(.:format) {:controller=>"users", :action=>"activate"}
I tried searching for this problem, but usually this happens when you forget to pass the object that's needed to build the route.
All help is appreciated :)
I would make sure you are actually invoking a GET and not a POST as the method.
If you are submitting a form, it defaults to POST, which would mean you don't have a matching route, the route you listed above only works for GET requests.
Does activate_user_path(:email => #user.email, :validataion_code => #user.validation_code) works for you?
EDIT
I don't know why, but when I've changed:
validation_code to code it works.
match 'activate/:email/:code' => 'users#activate', :as => :activate_user, :via => :get
Probably in rails you can't use var names in routes with underscore, but this has to be verified.
I'm trying to write tests for authentication with Twitter and Facebook. I am using Devise and Omniauth. When I try it out it works correctly, but I can't get the tests to pass for it.
I'm following instructions, but it isn't in depth enough for me, plus I'm doing things a little differently (already have some code base). I have a custom controllers for omniauth_callbacks and registrations.
My problem is that when I run the tests it says:
(::) failed steps (::)
No route matches "/oauth/authorize" (ActionController::RoutingError)
<internal:prelude>:10:in `synchronize'
(eval):2:in `click_link'
./features/step_definitions/web_steps.rb:57:in `/^(?:|I )follow "([^"]*)"$/'
features/link_twitter.feature:19:in `And I link twitter'
Failing Scenarios:
cucumber features/link_twitter.feature:16 # Scenario: User links twitter
Where is this /oauth/authorize route coming from and how do I handle that?
It does not look like it is getting to my OmniauthCallbacksController. It follows the link and then dies. I think it has to do with Omniauth's call back method during test mode, but I'm not sure how to change / manage that.
Update: Here are my routes for Devise.
devise_for :users, :controllers => {
:omniauth_callbacks => "users/omniauth_callbacks",
:registrations => 'registrations',
:passwords => 'passwords',
:sessions => 'sessions',
:confirmations => 'confirmations'
} do
match 'confirmations/unconfirmed' => 'confirmations#unconfirmed', :as => :unconfirmed
match 'confirmations/send_advisor_confirmation/:id' => 'confirmations#unregistered_advisor_confirmation', :as => :send_advisor_confirmation
get '/users/auth/:provider' => 'users/omniauth_callbacks#passthru'
end
I forgot to put the following into env.rb
# features/support/env.rb
OmniAuth.config.test_mode = true
For more information read about the testing here.
This function is defined in the application_help.rb:
def gravatar_url_for(email, options = {})
url_for(
{
:protocol => 'http://',
:host => 'www.gravatar.com',
:controller => 'avatar',
# :controller => 'avatar.php',
:gravatar_id => Digest::MD5.hexdigest(email),
:only_path => false
}.merge(options)
)
end
It's used in views:
<%= image_tag(gravatar_url_for user.email, {:d => 'identicon', :s => 32, :r => 'g'}) %>
Occasionally, its usage will result in a routing error:
No route matches {:controller=>"avatar", :d=>"identicon", :r=>"g", :gravatar_id=>"486575e581db04b7c8ca218af8488657", :s=>32}
A valid email is being supplied when the error occurs.
If I replace the url_for() with this logic, it works as expected:
url_for("http://www.gravatar.com/avatar/" + Digest::MD5.hexdigest(email) + "?d=identicon&s=40&r=g")
** edit **
I had removed the following line from the routes.rb file:
# This is a legacy wild controller route that's not recommended for RESTful applications.
# Note: This route will make all actions in every controller accessible via GET requests.
match ':controller(/:action(/:id(.:format)))'
Is there a way to get the url_for to work without the 'legacy wild controller route'?
You might want to take a look at the Gravtastic plugin for Rails which supports Gravatar images in both Ruby and JavaScript.
I am porting a Merb app to Rails 3. In Merb we could put an Identify block around a route to define how an :id route parameter was to be supplied, e.g.,
# this is a Merb route that I want to port to Rails 3 routing; I get everything except
# how to replicate the behavior of Merb's Identify block which doesn't require one to
# futz with overriding to_param on user; a user instance gets passed to the url builder
# ala url(:edit_password_reset, user) and this tells the router to use the
# reset_password_token method on user to supply the :id value for this one route
Identify User => :reset_password_token do
match("/reset-password/:id", :method => :get).to(:controller => "password_resets", :action => "edit").name(:edit_password_reset)
end
# and then later define more routes that use the user's id without a problem
# since to_param was not overridden on user; here I have already translated to
# Rails 3 and this works fine
controller :users do
get "/register", :action => "new", :as => "new_user"
get "/users", :action => "index", :as => "users"
get "/users/:id", :action => "show", :as => "show_user"
get "/users/:id/edit", :action => "edit", :as => "edit_user"
put "/users/:id", :action => "update", :as => "update_user"
post "/users", :action => "create", :as => "create_user"
end
In Rails, as in Merb, you can override to_param to provide an alternative id value for routes, but for a case where one time you want to use an id and another time you want to use a different method on the same object (as above), Identify is convenient. What is the Rails 3 equivalent? I looked through the Rails 3 source and tests and didn't see anything equivalent to Identify. Did I miss it?
I can refactor things and maybe should to not need it in this case, but still I would like to know if I missed something.
Thanks.
I came across the same problem; turns out the best way is to skip to_param entirely when calling a url or path. For instance:
# This will set params[:id] to #user.to_param
edit_password_reset_url(#user)
# This will set params[:id] to #user.reset_password_token
edit_password_reset_url(#user.reset_password_token)
In other words, to_param is only called when passing a record to the url helpers; if you pass it a string instead, it will just parse the string.