ruby-on-rails – 设计令牌身份验证保存Facebook信息

def facebook
  @graph = Koala::Facebook::API.new(oauth_params[:token],ENV["FACEBOOK_SECRET"])
  @profile = @graph.get_object("me?fields=email,first_name,last_name,picture.type(large)")

  unless @user = User.where(email: @profile["email"])&.first
    @user = User.new(email: @profile["email"])
  end
  #
  # Here you will make your logic for saving Facebook's data on your User model,# customize accordingly
  #
  if @user.new_record?
    p = SecureRandom.urlsafe_base64(nil,false)
    @user.password = p
    @user.password_confirmation = p
    #
    # "Passwordless" login,user must set password after registering,# or be forever haunted by indecipherable SecureRandom value
    #
    @user.name = @profile["first_name"]+ " " + @profile["last_name"]
    @user.remote_avatar_url = @profile["picture"]["data"]["url"]
    @user.confirmed_at = Time.now
    @user.uid = @profile["id"]
    @user.provider = 'Facebook'
  end

  @client_id = SecureRandom.urlsafe_base64(nil,false)
  @token     = SecureRandom.urlsafe_base64(nil,false)
  @user.tokens[@client_id] = {
    token: BCrypt::Password.create(@token),expiry: (Time.now + DeviseTokenAuth.token_lifespan).to_i
  } 
  auth_header = @user.build_auth_header(@token,@client_id)
  # update the response header
  response.headers.merge!(auth_header)
  @user.save!
  if sign_in(:user,@user,store: false,bypass: false)
    render json:  {
      data: @user.token_validation_response 
    }
  end
end

将POST路由指向此并将来自Facebook请求的authResponse.accessToken作为params [：token]传递.Voilà,认证魔术！