OmniAuth::NoSessionError - You must provide a session to use OmniAuth. (configured in devise)

前端 未结 2 1345
感动是毒
感动是毒 2021-02-04 09:12

Hi I am learning how to use omniauth as backend for ember app.

when i run my application I get the below mentioned erroe OmniAuth::NoSessionError - You must provide a se

2条回答
  •  臣服心动
    2021-02-04 09:18

    It is because you disabled the session middleware (look at the output of rake middleware). Omniauth will not work without the session middleware.

    You disabled it here: Rails.application.config.session_store :disabled

    If you are trying to ditch session because you do not use it other than for Omniauth, then the only thing you can do is write your own middleware that injects ActionDispatch::Session::CookieStore and possibly other necessary middlewares based on the URL (i.e. if the URL is /auth/*). Here is an example of what I use to achieve this (only uses session if URL path is not /api/...):

    # /config/application.rb
    config.middleware.insert_before ActionDispatch::ParamsParser, "SelectiveStack"
    
    # /config/initializers/omniauth.rb
    ::OmniAuthConfig = Proc.new do
      provider :github, # ...
    end
    
    # /app/middleware/selective_stack.rb
    class SelectiveStack
      def initialize(app)
        @app = app
      end
    
      def call(env)
        if env["PATH_INFO"].start_with?("/api/") # <--- Change URL path here
          @app.call(env)
        else
          middleware_stack.build(@app).call(env)
        end
      end
    
    private
      def middleware_stack
        @middleware_stack ||= begin
          ActionDispatch::MiddlewareStack.new.tap do |middleware|
            # needed for OmniAuth
            middleware.use ActionDispatch::Cookies
            middleware.use Rails.application.config.session_store, Rails.application.config.session_options
            middleware.use OmniAuth::Builder, &OmniAuthConfig
            # needed for Doorkeeper /oauth views
            middleware.use ActionDispatch::Flash
          end
        end
      end
    end
    

    In this example I only enable the session middleware when the URL does not start with /api/. You will still need to remove Rails.application.config.session_store :disabled and properly set up your session store, of course. In my example I use the cookie store. You might need to tweak my example based on which middleware you are missing in rake middleware. But if you're not doing this for performance reasons then just reenable the session middleware.

提交回复
热议问题