I'm using OmniAuth Identity for normal logins. Rails 3.2.3 and Ruby 1.9.3p194.
Currently, when an existing user attempts to login with invalid credentials, I get the following error:
Started POST "/auth/identity/callback" for 127.0.0.1 at 2012-07-12 17:00:03 -0400
(identity) Callback phase initiated.
Identity Load (0.1ms) SELECT "identities".* FROM "identities" WHERE "identities"."email" = 'test' LIMIT 1
(identity) Authentication failure! invalid_credentials encountered.
OmniAuth::Error (invalid_credentials):
omniauth (1.1.0) lib/omniauth/failure_endpoint.rb:25:in `raise_out!'
omniauth (1.1.0) lib/omniauth/failure_endpoint.rb:20:in `call'
omniauth (1.1.0) lib/omniauth/failure_endpoint.rb:12:in `call'
omniauth (1.1.0) lib/omniauth/strategy.rb:457:in `fail!'
omniauth-identity (1.0.0) lib/omniauth/strategies/identity.rb:24:in `callback_phase'
omniauth (1.1.0) lib/omniauth/strategy.rb:219:in `callback_call'
omniauth (1.1.0) lib/omniauth/strategy.rb:175:in `call!'
omniauth (1.1.0) lib/omniauth/strategy.rb:157:in `call'
omniauth (1.1.0) lib/omniauth/strategy.rb:177:in `call!'
omniauth (1.1.0) lib/omniauth/strategy.rb:157:in `call'
omniauth (1.1.0) lib/omniauth/builder.rb:48:in `call'
sass (3.1.19) lib/sass/plugin/rack.rb:54:in `call'
warden (1.2.1) lib/warden/manager.rb:35:in `block in call'
warden (1.2.1) lib/warden/manager.rb:34:in `catch'
warden (1.2.1) lib/warden/manager.rb:34:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
rack (1.4.1) lib/rack/etag.rb:23:in `call'
rack (1.4.1) lib/rack/conditionalget.rb:35:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/head.rb:14:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/params_parser.rb:21:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/flash.rb:242:in `call'
rack (1.4.1) lib/rack/session/abstract/id.rb:205:in `context'
rack (1.4.1) lib/rack/session/abstract/id.rb:200:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/cookies.rb:338:in `call'
activerecord (3.2.3) lib/active_record/query_cache.rb:64:in `call'
activerecord (3.2.3) lib/active_record/connection_adapters/abstract/connection_pool.rb:467:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
activesupport (3.2.3) lib/active_support/callbacks.rb:405:in `_run__2431360578939212022__call__3674666166259335855__callbacks'
activesupport (3.2.3) lib/active_support/callbacks.rb:405:in `__run_callback'
activesupport (3.2.3) lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
activesupport (3.2.3) lib/active_support/callbacks.rb:81:in `run_callbacks'
actionpack (3.2.3) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/reloader.rb:65:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
railties (3.2.3) lib/rails/rack/logger.rb:26:in `call_app'
railties (3.2.3) lib/rails/rack/logger.rb:16:in `call'
quiet_assets (1.0.1) lib/quiet_assets.rb:20:in `call_with_quiet_assets'
actionpack (3.2.3) lib/action_dispatch/middleware/request_id.rb:22:in `call'
rack (1.4.1) lib/rack/methodoverride.rb:21:in `call'
rack (1.4.1) lib/rack/runtime.rb:17:in `call'
activesupport (3.2.3) lib/active_support/cache/strategy/local_cache.rb:72:in `call'
rack (1.4.1) lib/rack/lock.rb:15:in `call'
actionpack (3.2.3) lib/action_dispatch/middleware/static.rb:62:in `call'
railties (3.2.3) lib/rails/engine.rb:479:in `call'
railties (3.2.3) lib/rails/application.rb:220:in `call'
rack (1.4.1) lib/rack/content_length.rb:14:in `call'
railties (3.2.3) lib/rails/rack/debugger.rb:20:in `call'
railties (3.2.3) lib/rails/rack/log_tailer.rb:14:in `call'
rack (1.4.1) lib/rack/handler/webrick.rb:59:in `service'
/Users/andrew/.rvm/rubies/ruby-1.9.3-p194/lib/ruby/1.9.1/webrick/httpserver.rb:138:in `service'
/Users/andrew/.rvm/rubies/ruby-1.9.3-p194/lib/ruby/1.9.1/webrick/httpserver.rb:94:in `run'
/Users/andrew/.rvm/rubies/ruby-1.9.3-p194/lib/ruby/1.9.1/webrick/server.rb:191:in `block in start_thread'
I'd like to be able to add some sort of error handler or rescue to this form, but I'm not sure how to. Here is the form:
sessions/new.html.haml
%p
%strong Don’t use these services?
= link_to "Create an account", new_identity_path
or login below
= form_tag "/auth/identity/callback" do
.field
= label_tag :auth_key, "Email"
%br
= text_field_tag :auth_key
.field
= label_tag :password
%br
= password_field_tag :password
My session controller:
sessions_controller.rb
class SessionsController < ApplicationController
def create
debugger
user = User.from_omniauth(env["omniauth.auth"])
puts "ENVIRONMENT VARIABLE: #{env["omniauth.auth"].inspect}"
puts "This is the user id: #{user.id}"
session[:user_id] = user.id
redirect_to root_url, notice: "Signed in!"
end
def destroy
session[:user_id] = nil
redirect_to root_url, notice: "Signed out!"
end
def failure
redirect_to signup_path, alert: "Authentication failed, please try again."
end
end
.actions= submit_tag "Login"
My user model:
user.rb
class User < ActiveRecord::Base
attr_accessible :email, :name, :provider, :uid
validates_presence_of :email
validates_uniqueness_of :email
validates_format_of :email, :with => /^[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
def self.from_omniauth(auth)
where(auth.slice("provider", "uid")).first || create_from_omniauth(auth)
end
def self.create_from_omniauth(auth)
puts "Auth object: #{auth.inspect}"
create! do |user|
user.provider = auth["provider"]
user.uid = auth["uid"]
user.name = auth["info"]["name"]
user.email = auth["info"]["email"]
user.admin = false
end
end
end
My OmniAuth config file:
omniauth.rb
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :github, ENV['6c268d450fb1149afc3d'], ENV['1dba63b45a0c8b7e62dea9fc5c9a8f69bf6142b1']
provider :identity, on_failed_registration: lambda { |env|
IdentitiesController.action(:new).call(env)
}
end
I tried adding something like this to end of my sessions#create action:
rescue OmniAuth::Error
flash[:error] = "invalid credentials"
redirect_to signup_path
But I still just got the original error message on invalid login. What can I do to handle invalid OmniAuth Identity logins?
Update:
The solution was to add the following code the omniauth.rb:
OmniAuth.config.on_failure = Proc.new { |env|
OmniAuth::FailureEndpoint.new(env).redirect_to_failure
}
And a failure method to sessions_controller.rb:
def failure
redirect_to login_path, alert: "Authentication failed, please try again."
end
(And an obligatory server restart)