错误信息:没有路由匹配[GET] "/auth/google_oauth2">
查看页面链接:<%= link_to "Log In with Google", "/auth/google_oauth2" %>
相关宝石:
gem 'omniauth'
gem 'dotenv-rails'
gem 'omniauth-google-oauth2'
初始化文件:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV["GOOGLE_CLIENT_ID"],ENV["GOOGLE_CLIENT_SECRET"], skip_jwt: true
end
我用这个作为我的指南:Medium guide
我已经经历了设置应用程序两次现在在开发人员工具上获得客户端ID和秘密的过程,以防这是问题,两次我都得到了同样的错误。我是编码新手,所以我确信这是非常愚蠢和明显的东西,但我似乎找不到它。谢谢你的帮助!
编辑:我也有在我的路由文件:get '/auth/:provider/callback' => 'sessions#omniauth'
Rails路线:
Prefix Verb URI Pattern Controller#Action
root GET / sessions#home
GET /auth/:provider/callback(.:format) sessions#omniauth
signup GET /signup(.:format) users#new
POST /signup(.:format) users#create
login GET /login(.:format) sessions#new
POST /login(.:format) sessions#create
logout DELETE /logout(.:format) sessions#destroy
user_groups GET /users/:user_id/groups(.:format) groups#index
POST /users/:user_id/groups(.:format) groups#create
new_user_group GET /users/:user_id/groups/new(.:format) groups#new
users GET /users(.:format) users#index
POST /users(.:format) users#create
new_user GET /users/new(.:format) users#new
edit_user GET /users/:id/edit(.:format) users#edit
user GET /users/:id(.:format) users#show
PATCH /users/:id(.:format) users#update
PUT /users/:id(.:format) users#update
DELETE /users/:id(.:format) users#destroy
GET /users(.:format) users#index
POST /users(.:format) users#create
GET /users/new(.:format) users#new
GET /users/:id(.:format) users#show
edit_group GET /groups/:id/edit(.:format) groups#edit
group GET /groups/:id(.:format) groups#show
DELETE /groups/:id(.:format) groups#destroy
categories GET /categories(.:format) categories#index
category GET /categories/:id(.:format) categories#show
cards GET /cards(.:format) cards#index
POST /cards(.:format) cards#create
new_card GET /cards/new(.:format) cards#new
edit_card GET /cards/:id/edit(.:format) cards#edit
card GET /cards/:id(.:format) cards#show
PATCH /cards/:id(.:format) cards#update
PUT /cards/:id(.:format) cards#update
DELETE /cards/:id(.:format) cards#destroy
rails_postmark_inbound_emails POST /rails/action_mailbox/postmark/inbound_emails(.:format) action_mailbox/ingresses/postmark/inbound_emails#create
rails_relay_inbound_emails POST /rails/action_mailbox/relay/inbound_emails(.:format) action_mailbox/ingresses/relay/inbound_emails#create
rails_sendgrid_inbound_emails POST /rails/action_mailbox/sendgrid/inbound_emails(.:format) action_mailbox/ingresses/sendgrid/inbound_emails#create
rails_mandrill_inbound_health_check GET /rails/action_mailbox/mandrill/inbound_emails(.:format) action_mailbox/ingresses/mandrill/inbound_emails#health_check
rails_mandrill_inbound_emails POST /rails/action_mailbox/mandrill/inbound_emails(.:format) action_mailbox/ingresses/mandrill/inbound_emails#create
rails_mailgun_inbound_emails POST /rails/action_mailbox/mailgun/inbound_emails/mime(.:format) action_mailbox/ingresses/mailgun/inbound_emails#create
rails_conductor_inbound_emails GET /rails/conductor/action_mailbox/inbound_emails(.:format) rails/conductor/action_mailbox/inbound_emails#index
POST /rails/conductor/action_mailbox/inbound_emails(.:format) rails/conductor/action_mailbox/inbound_emails#create
new_rails_conductor_inbound_email GET /rails/conductor/action_mailbox/inbound_emails/new(.:format) rails/conductor/action_mailbox/inbound_emails#new
edit_rails_conductor_inbound_email GET /rails/conductor/action_mailbox/inbound_emails/:id/edit(.:format) rails/conductor/action_mailbox/inbound_emails#edit
rails_conductor_inbound_email GET /rails/conductor/action_mailbox/inbound_emails/:id(.:format) rails/conductor/action_mailbox/inbound_emails#show
PATCH /rails/conductor/action_mailbox/inbound_emails/:id(.:format) rails/conductor/action_mailbox/inbound_emails#update
PUT /rails/conductor/action_mailbox/inbound_emails/:id(.:format) rails/conductor/action_mailbox/inbound_emails#update
DELETE /rails/conductor/action_mailbox/inbound_emails/:id(.:format) rails/conductor/action_mailbox/inbound_emails#destroy
rails_conductor_inbound_email_reroute POST /rails/conductor/action_mailbox/:inbound_email_id/reroute(.:format) rails/conductor/action_mailbox/reroutes#create
rails_service_blob GET /rails/active_storage/blobs/:signed_id/*filename(.:format) active_storage/blobs#show
rails_blob_representation GET /rails/active_storage/representations/:signed_blob_id/:variation_key/*filename(.:format) active_storage/representations#show
rails_disk_service GET /rails/active_storage/disk/:encoded_key/*filename(.:format) active_storage/disk#show
update_rails_disk_service PUT /rails/active_storage/disk/:encoded_token(.:format) active_storage/disk#update
rails_direct_uploads POST /rails/active_storage/direct_uploads(.:format) active_storage/direct_uploads#create
根据OmniAuth版本(2.0.0):
OmniAuth现在默认只允许POST作为request_phase方法
:
# Gemfile
gem 'omniauth-rails_csrf_protection', '~> 0.1'
Change Links toPOSTrequests:
link_to "Log In with Google", "/auth/google_oauth2", method: :post
# or
button_to "Log In with Google", "/auth/google_oauth2"
如果您仍然需要GET请求,请添加知道存在安全问题:
# config/initializers/omniauth.rb or similar
OmniAuth.config.allowed_request_methods = [:post, :get]
For omniauth <2.0.0
考虑这里描述的CVE修复。
OmniAuth现在默认只允许POST作为request_phase方法
你需要更新所有get请求post请求。
在视图文件中,你可以用表单和提交按钮代替锚标记
<a href='/auth/developer'>Login with Developer</a>
上面的代码可以替换为以下代码:-
<%= form_tag('/auth/developer', method: 'post') do %>
<button type='submit'>Login with Developer</button>
<% end %>
如果你不想使用post方法,您可以添加以下代码:
配置初始化/omniauth.rb
OmniAuth.config.allowed_request_methods = [:post, :get]
OmniAuth.config.silence_get_warning = true
点击此处查看更多信息。
我正在经历这个确切的错误,除了它在我的主布局上工作良好,但在着陆页布局上不工作(我有2个不同的布局)
签名链接
<%= link_to '/auth/google_oauth2', method: :post, :class => "btn-get-started font-weight-semibold" do %>
<span class="text-pink-400">
<i class="icon-cart2 mr-2"></i> Order
</span>
<% end %>
链接方法显然是:post,但错误报告缺少get路由
修复了这个问题,确保登陆页布局有所有需要的javascript
<%= javascript_pack_tag 'application' %>
我从Rails 6升级到Rails 6后得到这个错误。我的旧链接:
<%= link_to "log in", '/auth/xxx/', method: :post %>
不再生成POST请求。这是因为rails - js不是
参见Rails API: Deprecated: Rails UJS Attributes和Rails Guide for Rails 7: Working with JavaScript。
设置方法的新方法是使用数据{"turbo-method"…}
<%= link_to "log in", '/auth/xxx/', data: { "turbo-method": :post } %>
但是在我的情况下,这也不起作用,因为这是默认情况下用JavaScript发送的,这打乱了我的oauth2流。我最终使用button_to代替。button_to默认使用post,这是我需要的,我可以禁用turbo并将HTTP请求转换为正常请求,避免CORS和oauth的问题:
<%= button_to "log in", '/auth/fhs/', data: { "turbo": false } %>