Omniauth authentication denied error
I am using omniauth and omniauth-identity to authenticate with Google, Facebook and traditional username / password. It all works pretty well for me, except for the case when authentication fails. On failure, such as entering an incorrect password, omniauth will call /auth/failure
. I mapped this to a controller that redirects to the appropriate page and presents a flash message. The problem I have is I cannot get the flash to actually display. Sample code:
In routes.rb
:
match "/auth/failure" => "sessions#failure"
In the controller, it calls:
def failure
redirect_to root_url, alert: "Authentication failed, please try again."
end
I feel like the flash is getting lost due to a combination of what omniauth does and redirection. I know the view code is correct because it will flash other things like successful login message. I would appreciate suggestions on how to set up my example to display a flash message, or suggestions for an alternative omniauth failover mechanism. Thank.
source to share
I have the same problem in my last project. This is mistake. Add the following monkey patch to your config / initializers / omniauth.rb
# Omniauth failure monkey patch
on_failure do |env|
message_key = env['omniauth.error.type']
origin_query_param = env['omniauth.origin'] ? "&origin=#{CGI.escape(env['omniauth.origin'])}" : ""
strategy_name_query_param = env['omniauth.error.strategy'] ? "&strategy=#{env['omniauth.error.strategy'].name}" : ""
extra_params = env['omniauth.params'] ? "&#{env['omniauth.params'].to_query}" : ""
new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}#{origin_query_param}#{strategy_name_query_param}#{extra_params}"
Rack::Response.new(["302 Moved"], 302, 'Location' => new_path).finish
end
source to share