ERR_TOO_MANY_REDIRECTS logging in with OmniAuth/Devise/Rails

Question

I'm attempting to add Facebook login to my Rails 4 site following these instructions:

https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

I'm currently using Devise and Pundit for authorization and authentication. Despite having followed the instructions to my best ability, I'm getting an error. When I click my "Login with Facebook" button, a window pops up that asks for email/password, and when I submit that info, I get an error page that reads:

[MyApp.com] page isn’t working

[MyApp.com] redirected you too many times.

Try:

• Reloading the page
• Clearing your cookies ERR_TOO_MANY_REDIRECTS

It seems like somehow I've introduced a redirect loop, but I don't really understand the data flow, so it's hard to find where I've gone wrong.

Here's my routes.rb:

Rails.application.routes.draw do
  get 'home/index'

  devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks", sessions: "sessions" }

  resources :movies
  root 'home#index'
end

omniauth_callbacks_controller.rb:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  before_filter :authenticate_user, :except => [:new, :create, :destroy]
  def facebook
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

OmniAuth's configuration in config/initializers/devise.rb:

config.omniauth :facebook, '[APP ID]', '[APP SECRET]', callback_url: "https://#{ENV['C9_HOSTNAME']}/users/auth/facebook",
  :client_options => {:ca_file => '/usr/lib/ssl/certs/ca-certificates.crt'}

My user model (user.rb):

class User < ActiveRecord::Base
  rolify
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, and :timeoutable
  devise :database_authenticatable, :registerable,
         :recoverable, :rememberable, :trackable, :validatable,
         :omniauthable, :omniauth_providers => [:facebook]

  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
      user.email = auth.info.email
      user.password = Devise.friendly_token[0,20]
    end
  end

  def self.new_with_session(params, session)
    super.tap do |user|
      if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
        user.email = data["email"] if user.email.blank?
      end
    end
  end
end

And the link in my view (using HAML):

%button
  = link_to "Log in with Facebook", user_omniauth_authorize_path(:facebook)

Answer 1

I've just had this exact problem too! After you recieved this error, were you able to reload the page and it had actually logged you in? If so, then that's what I had. The log in worked - but the redirects weren't good.

Have you added in the function after_sign_in_path_for(resource) to the application_controller.rb that redirects the page after login? I had and that's why the redirects were occuring.

My solution was to fixed the if statement to include the right referrer. I just added in || request.referer.include?("google"), of course you may have to change it to account for 'facebook' in the referrer url.

def after_sign_in_path_for(resource)
  sign_in_url = new_user_session_url
  if request.referer == sign_in_url || request.referer.include?("google")
    super
    goals_path
  else
    stored_location_for(resource) || request.referer || root_path
  end   
end

Now... if you haven't used that function then my answer will be useless to you. Good luck.