After signing in, the user is redirected to a controller that is protected by authenticate_user!:
before_filter :authenticate_user!
In Rails 3.2.8, this does not authenticate and returns 'Completed 401 Unauthorized'.
It does work in Rails 3.2.7, but only if I add account_id to the form (HAML):
= f.hidden_field :account_id, :value => @account.id
With that hidden field added, the following query appears in the log:
User Load (0.5ms) SELECT "users".* FROM "users" WHERE "users"."email" = 'email@gmail.com' AND "users"."account_id" = 41 LIMIT 1
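However, if I remove the account_id hidden field, no user query is run and the log shows the same 'Completed 401 Unauthorized' message.
In Rails 3.2.8 it does not work with or without account_id.
I am using the latest Devise (2.1.2).
This problem has been bothering me for a long time, so I would appreciate any help.
Edit:
I have this in routes.rb: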
devise_for :users, :controllers => { :passwords => "passwords", :sessions => "sessions", :omniauth_callbacks => "users/omniauth_callbacks" }
And my initializers/devise.rb:
Devise.setup do |config|
  # ==> Mailer Configuration
  # Configure the e-mail address which will be shown in DeviseMailer.
  config.mailer_sender = "info@mydomain.com"
  # Configure the class responsible to send e-mails.
  # config.mailer = "Devise::Mailer"

  # ==> ORM configuration
  # Load and configure the ORM. Supports :active_record (default) and
  # :mongoid (bson_ext recommended) by default. Other ORMs may be
  # available as additional gems.
  require 'devise/orm/active_record'

  # omniauth stuff
  require "omniauth-facebook"
  require 'openid/store/filesystem'
  config.omniauth :facebook, "#key", "#secret"
  config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'), :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id', :require => 'omniauth-openid'

  # ==> Configuration for any authentication mechanism
  # Configure which keys are used when authenticating a user. The default is
  # just :email. You can configure it to use [:username, :subdomain], so for
  # authenticating a user, both parameters are required. Remember that those
  # parameters are used only when authenticating and not when retrieving from
  # session. If you need permissions, you should implement that in a before filter.
  # You can also supply a hash where the value is a boolean determining whether
  # or not authentication should be aborted when the value is not present.
  config.authentication_keys = [ :email, :account_id ]

  # Configure which authentication keys should be case-insensitive.
  # These keys will be downcased upon creating or modifying a user and when used
  # to authenticate or find a user. Default is :email.
  config.case_insensitive_keys = [ :email ]

  # Configure which authentication keys should have whitespace stripped.
  # These keys will have whitespace before and after removed upon creating or
  # modifying a user and when used to authenticate or find a user. Default is :email.
  config.strip_whitespace_keys = [ :email ]

  config.stretches = 10
  config.reset_password_within = 2.hours
  config.navigational_formats = [:"*/*", "*/*", :html, :mobile]
  config.sign_out_via = :delete
end