In Railscast: http://railscasts.com/episodes/241-simple-omniauth Ryan uses omniauth for logins. In the video when he clicks on the login button the first time Twitter asks the user if they would like to authorize Ryan's app. The second time the login button is clicked it automatically logs the user in. In my application, the user is forced to authorize my app each time. If the user is logged into twitter and has already authorized the app, then shouldn't it "just work"?
EDIT: my app currently has Read, write, and direct message permissions. I'm also using omniauth-twitter (0.0.6).
Ok so just have released new version for that.Please use 0.0.7
https://rubygems.org/gems/omniauth-twitter/versions/0.0.7
Thanks to @fosrias
Cheers, Arun
Adding a non-rails answer here.
Just be sure to check in the twitter settings for your app that the "Allow this application to be used to Sign in with Twitter" checkbox is selected. Otherwise Twitter will always redirect you to the authorize page instead of authenticate.
I spend 45 minutes troubleshooting the rails app before finally checking the twitter settings, hopefully this will save someone some time.
If you have requested permission for DM privileges or other advanced privileges this can cause problems. ( https://dev.twitter.com/discussions/1459 )
If that doesn't help, more details would be useful.
I suspect a regression or something in the twitter oauth gem:
EDIT: Solves the issue.
I believe that oauth removed the individual strategies. In any case, using Devise, the following fixed this (should work as modified for other Twitter oauth configs):
config.omniauth :twitter, 'consumer_key' , 'consumer_secret', :client_options => {:authorize_path => '/oauth/authenticate'}
I solved simply changing the login link destination to
"/auth/twitter?x_auth_access_type=read"
Seems like when your app settings have read, write, AND Access Direct Messages it always asks for permissions. Setting it to Only read or read and write solves this issue.
If you originally had you application permissions set to "Read and Write" and later added the "Access Direct Messages" permission AFTER you had authenticated once, then subsequent authentication attempts will cause the "Sign in" page to reappear. But, notice you'll see that the app will still NOT have permission to access direct messages for that user. This is because your app is now trying to ask for direct message permissions, but your access token was setup originally just for read/write.
I found this discussion where @toptwetcom mentions that your access token (Not the App API key) must be regenerated after an app permissions change. I'm still in dev mode, but here's what worked for me:
- Go to https://apps.twitter.com, find your app and go to the Permissions tab
- Change permissions to "Read, Write, and Access Direct Messages" if you haven't already. (It sometimes takes a minute for the changes to show—keep refreshing!)
- Go to the API Keys tab (still for the application)
- Click "Regenerate my access token" button and confirm.
- Sign out of your app (if not already)
- In your app, sign back in with Twitter (and reauthorize your app).
If you now go to https://twitter.com/settings/applications you should see that you've given "read, write, and direct messages" permissions to your app. Also if you logout of your app and log back through Twitter, it should "just work" (given you are already signed in with Twitter).
Also, be sure to read @JasonLogsdon's answer.
来源:https://stackoverflow.com/questions/8251519/rails-omniauth-twitter-asking-for-app-authorization-each-time-user-logs-in