问题描述
我有一个 Rails 应用程序和一个 Wordpress 站点.Rails 数据库中的所有用户.现在我想提供从 Rails 应用程序到 wordpress 的 SSO.
I have a Rails App and a Wordpress site. All users in Rails database. Now I want to provide SSO from Rails app to wordpress.
我发现了一些 tuts,但其中大多数都提供了从 Wordpress 到 Rails 的 SSO.
I found some tuts but most of them are providing SSO from Wordpress to Rails.
你有解决这个任务的想法吗?
Do you have some ideas to solve this task?
谢谢.
推荐答案
你对这个问题有点含糊,所以我会尽我所能.
you are a bit vague on the question so I would do the best that I can.
首先你应该添加 devise/omniauth gems 到 Gemfile
first you should add devise / omniauth gems to the Gemfile
gem 'devise'
gem 'omniauth'
gem 'omniauth-wordpress-oauth2-plugin', github: 'jwickard/omniauth-wordpress-oauth2-plugin'
为您的 wordpress 站点安装 Oauth2 提供程序插件:
Install Oauth2 provider plugin for your wordpress site:
https://github.com/jwickard/wordpress-oauth
为您的 rails 应用程序创建客户端条目,并将回调键设置为:http://example.com/users/auth/wordpress_oauth2/callback
Create client entry for your rails app with the callback key set to:http://example.com/users/auth/wordpress_oauth2/callback
那么你必须配置 Devise/Omniauth
then you have to Configure Devise / Omniauth
#config/initializers/devise.rb
config.omniauth :wordpress_oauth2, ENV['APP_ID'], ENV['APP_SECRET'],
strategy_class: OmniAuth::Strategies::WordpressOauth2Plugin,
client_options: { site: 'http://yourcustomwordpress.com' }
client_options: { site: 'http://yourcustomwordpress.com' }
现在你必须设置允许回调的路由
now you have to set up routes to allow callbacks
#config/routes.rb
devise_for :users, controllers: { omniauth_callbacks: 'omniauth_callbacks' }
创建回调控制器
#app/controllers/omniauth_callbacks_controller.rb
class OmniauthCallbacksController < ApplicationController
def wordpress_oauth2
#You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.find_for_wordpress_oauth2(request.env["omniauth.auth"], current_user)
if @user.persisted?
flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Wordpress Oauth2"
sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
else
session["devise.wordpress_oauth2_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
现在你必须确保用户模型是全能的
now you have to make sure that the user model is omniauthable
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable
...
def self.find_for_wordpress_oauth2(oauth, signed_in_user=nil)
#if the user was already signed in / but they navigated through the authorization with wordpress
if signed_in_user
#update / synch any information you want from the authentication service.
if signed_in_user.email.nil? or signed_in_user.email.empty?
signed_in_user.update_attributes(email: oauth['info']['email'])
end
return signed_in_user
else
#find user by id and provider.
user = User.find_by_provider_and_uid(oauth['provider'], oauth['uid'])
#if user isn't in our database yet, create it!
if user.nil?
user = User.create!(email: oauth['info']['email'], uid: oauth['uid'], provider: oauth['provider'],
nickname: oauth['extra']['user_login'], website: oauth['info']['urls']['Website'],
display_name: oauth['extra']['display_name'])
end
user
end
end
end
希望能帮到你
这篇关于从 Rails 单点登录 Wordpress的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!