我正在使用 OmniAuth 在我的应用程序中访问 Facebook。我正在使用 fb_graph gem:https://github.com/nov/fb_graph https://github.com/nov/fb_graph发布到 Facebook。我正在 Heroku 上为此应用程序运行omniauth-0.3.0。当用户稍后登录时,我在创建用户时保存的令牌会发生更改。
创建用户的代码
class SessionsController < ApplicationController
def create
auth = request.env["omniauth.auth"]
user = User.find_by_provider_and_uid(auth["provider"], auth["uid"])||
User.create_with_omniauth(auth)
session[:user_id] = user.id
redirect_to root_url, :notice => "Signed in!"
end
用户模型是:
def self.create_with_omniauth(auth)
create! do |user|
user.provider = auth["provider"]
user.uid = auth["uid"]
user.name = auth["user_info"]["name"]
user.token = auth["credentials"]["token"]
end
end
我现在在大约 30% 的用户身上看到这个错误 -
FbGraph::InvalidToken (OAuthException :: Error validating access token: Session does not match current stored session. This may be because the user changed the password since the time the session was created or Facebook has changed the session for security reasons.)
我看到 OmniAuth 最近修复了过期令牌问题:
https://github.com/soopa/omniauth/commit/67bdea962e3b601b8ee70e21aedf5e6ce1c2b780 https://github.com/soopa/omniauth/commit/67bdea962e3b601b8ee70e21aedf5e6ce1c2b780
我使用此代码尝试刷新访问令牌。但是,我仍然遇到同样的错误。有人可以指出我缺少什么吗?有没有其他方法可以在用户每次登录时更新令牌?
唯一有效的解决方案是每次用户登录时创建一个新用户(我根本不喜欢这个解决方案):
def create
auth = request.env["omniauth.auth"]
user = User.create_with_omniauth(auth)
session[:user_id] = user.id
redirect_to root_url, :notice => "Signed in!"
end
Thanks!