We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
Gem oauth2 does not need to be required directly since omniauth-facebook depends on it and it will be installed anyway.
Changed `users/sessions#new` into `devise/sessions#new`. Same for `#destroy`. There is no Users::SessionsController.
Updated OmniAuth: Overview (markdown)
Fix initial Gemfile where we add OmniAuth OAuth
explained process of adding required columns to User table.
Adding specific mention of what "our model" is referencing.
Added a check at new_with_session on whether the email was blank or not. otherwise the user will not be able to change the email used for registration.
indd
Fix of security issue...
if you bang the user creation, the else case of @user.persisted? in Users::OmniauthCallbacksController#facebook will never be called.
Revert 266864b9aeb6396cb46f861916a8f7b094ac8751^ ... 266864b9aeb6396cb46f861916a8f7b094ac8751
Destroyed OmniAuth: Overview (markdown)
When using the Google code sample (but with my corporate OpenID provider) I found that I didn't get redirected back to the protected page after login. It turned out that :verify_authenticity_token was wiping my session because no token was present. But I don't think the OpenID server will ever send a token.
I just got through this, pretty annoying and there are a lot of old and misleading threads connecting Omniauth / Devise / Facebook. Hopefully this will keep people from wasting their time debugging this.
Remove (my) bad code
updated sample code, google returns a slightly different result now
Reversing recent update as original was correct
syntax error in User::OmniauthCallbacksController declaration
Clarified that the "catch all" route is only needed if you have route globbing. Otherwise it's a confusing and needless step.