gpt4 book ai didi

ruby - "CSRF detected"与 Omniauth 和谷歌

转载 作者:数据小太阳 更新时间:2023-10-29 06:37:40 26 4
gpt4 key购买 nike

我明白了

OmniAuth::Strategies::OAuth2::CallbackError at /auth/google/callback csrf_detected | CSRF detected

我的代码:

require 'sinatra'
require "sinatra/json"
require "sinatra/config_file"
require 'omniauth-oauth2'
require 'omniauth-google-oauth2'

use Rack::Logger

config_file "config/app_config.yml"
use Rack::Session::Cookie, secret: '5fb7w345y3489f523y4h'

configure do
enable :sessions
end

use OmniAuth::Builder do
provider :google_oauth2, settings.google[:client_id], settings.google[:secret],
{
:scope => "userinfo.profile",
:access_type => "offline",
:prompt => "select_account consent",
:name => "google"
}
end

get '/list' do
json get_list
end

get '/' do
%Q|<a href='/auth/google'>Sign in with Google</a>|
end

get '/auth/:name/callback' do
@auth = request.env['omniauth.auth']
@auth.inspect
end

我的回调返回代码和状态。

最佳答案

/config/initializer/session_store.rb 中定义的域与 google api 控制台中定义的 origin/redirect_uri 不同时,rails 会出现此问题。

MyApp::Application.config.session_store :cookie_store, key: '_app_session', domain: 'my_app.com'

删除域参数或在两侧使用相同的域可以解决问题。

关于ruby - "CSRF detected"与 Omniauth 和谷歌,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/22386149/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com