1. 首页
  2. 问答
  3. ::加载ActiveModel :: MassAssignmentSecurity错误

::加载ActiveModel :: MassAssignmentSecurity错误

2012-06-18 48 views
3

嗨,我使用设计和omniauth到autenticate Facebook登录,但我得到了以下错误:::加载ActiveModel :: MassAssignmentSecurity错误

Can't mass-assign protected attributes: token 
app/models/user.rb:20:in `apply_omniauth' 
app/controllers/authentications_controller.rb:19:in `create'

这种用户模型:

class User < ActiveRecord::Base 

    # The relationship between the User and Authentication model 
    has_many :authentications, :dependent => :delete_all 

    # Include default devise modules. Others available are: 
    # :token_authenticatable, :confirmable, 
    # :lockable, :timeoutable and :omniauthable 
    devise :database_authenticatable, :registerable, 
     :recoverable, :rememberable, :trackable, :validatable 

    # Setup accessible (or protected) attributes for your model 
    attr_accessible :email, :password, :password_confirmation, :remember_me, 
    # attr_accessible :title, :body 

    def apply_omniauth(auth) 
    # In previous omniauth, 'user_info' was used in place of 'raw_info' 
    self.email = auth['extra']['raw_info']['email'] 
    authentications.build(:provider => auth['provider'], :uid => auth['uid'], :token => auth['credentials']['token']) 
    end 

end

这是我的验证控制器:

class AuthenticationsController < ApplicationController 
    def index 
    @authentications = current_user.authentications if current_user 
    end 

    def create 
    auth = request.env["omniauth.auth"] 

    # Try to find authentication first 
    authentication = Authentication.find_by_provider_and_uid(auth['provider'], auth['uid']) 

    if authentication 
     # Authentication found, sign the user in. 
     flash[:notice] = "Signed in successfully." 
     sign_in_and_redirect(:user, authentication.user) 
    else 
     # Authentication not found, thus a new user. 
     user = User.new 
     user.apply_omniauth(auth) 
     if user.save(:validate => false) 
     flash[:notice] = "Account created and signed in successfully." 
     sign_in_and_redirect(:user, user) 
     else 
     flash[:error] = "Error while creating a user account. Please try again." 
     redirect_to root_url 
     end 
    end 
    end 

    def destroy 
    @authentication = Authentication.find(params[:id]) 
    @authentication.destroy 
    redirect_to authentications_url, :notice => "Successfully destroyed authentication." 
    end 
end

有人可以解释为什么我得到这个错误,以及我如何解决它?

来源

2012-06-18 SHUMAcupcake

回答

1

:token添加到认证模型中的attr_accessible行应该做的伎俩。

来源

2012-06-18 22:13:40

+0

不,那剂量的工作伴侣。 – SHUMAcupcake

+0

我收到以下错误:unknown属性:令牌 – SHUMAcupcake

+0

我的不好,'token'是身份验证模型 –

相关问题

 相关问题