I'm using Omniauth as my only method for signing into my Rails application.
The issue is: When a user clicks "Logout", the page reloads and the Logout link is still there (despite if user_signed_in? logic wrapping it). Which leads me to believe that users aren't actually getting logged out
Here's my index.html.erb:
<% if user_signed_in? %>
<%= link_to "Authenticate with Google", user_omniauth_authorize_path(:google_oauth2) %>
<% else %>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% end %>
And my user.rb
def self.from_omniauth(auth)
if user = User.find_by_email(auth.info.email)
user.provider = auth.provider
user.uid = auth.uid
user
else
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
user.email = auth.info.email # THIS (user.email) value i want to provide to my registration form as default value
end
end
end
And my omniauth_callbacks_controller.rb:
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
skip_before_filter :redirect_to_login_if_required
def google_oauth2
@user = User.from_omniauth(request.env["omniauth.auth"])
if @user.persisted?
sign_in_and_redirect @user, :event => :authentication
return
else
session["devise.user_attributes"] = @user.attributes
redirect_to new_user_registration_path
end
end
end
And my routes.rb:
devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }
Unfortunately it's not bringing me back an error. It's just refreshing the index page as if nothing happened.
Edit: Here's the POST when I click Logout
Started DELETE "/users/sign_out" for ::1 at 2015-07-06 11:00:22 -0400
Processing by Devise::SessionsController#destroy as HTML
Parameters: {"authenticity_token"=>"7QXScU8eVW6NVedKG5P86rPxkaP8uJdUzyJ712ZrYXtK7QjP/m33eQ2WE/ituUvFQ2GeenXLRBaiVibxEjHG6w=="}
Redirected to http://localhost:3000/
Filter chain halted as :verify_signed_out_user rendered or redirected
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
Edit 2: I've included this in my application_controller.rb
before_action :authenticate_user!
And now the error message I'm getting in the console is:
Started GET "/users/auth/google_oauth2/callback?state=c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130&code=4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg" for ::1 at 2015-07-06 16:12:14 -0400
I, [2015-07-06T16:12:14.739138 #2442] INFO -- omniauth: (google_oauth2) Callback phase initiated.
Processing by OmniauthCallbacksController#google_oauth2 as HTML
Parameters: {"state"=>"c92f3f9e0a8db79485e56ec2a1defd91949e8e7d99a02130", "code"=>"4/pgl_HZFw113L7VJ-rSaV9-JYngABkfgx7lqRm06Dyqg"}
User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."email" = ? LIMIT 1 [["email", "[email protected]"]]
(0.1ms) begin transaction
SQL (0.4ms) UPDATE "users" SET "last_sign_in_at" = ?, "current_sign_in_at" = ?, "sign_in_count" = ?, "updated_at" = ? WHERE "users"."id" = ? [["last_sign_in_at", "2015-07-06 20:11:47.636852"], ["current_sign_in_at", "2015-07-06 20:12:15.365770"], ["sign_in_count", 42], ["updated_at", "2015-07-06 20:12:15.366734"], ["id", 4]]
(1.4ms) commit transaction
Redirected to http://localhost:3000/
Completed 302 Found in 15ms (ActiveRecord: 2.1ms)
Started GET "/" for ::1 at 2015-07-06 16:12:15 -0400
Processing by ProductlinesController#index as HTML
Completed 401 Unauthorized in 0ms (ActiveRecord: 0.0ms)
I would recommend switching the if to unless, so it shows the logout link when the user is signed in.
When using devise, an alternative way of displaying the corrects links is: