Cookie Overflow with Twitter sign in

Question

I've got he kind of error when I tried to sign in with twitter on my website.

ActionDispatch::Cookies::CookieOverflow in Users::OmniauthCallbacksController#twitter 

ActionDispatch::Cookies::CookieOverflow

I can't find a solution, this is the code I use.

omniauth_callbacks_controller.rb

def twitter
@user = User.find_for_provider_oauth(request.env["omniauth.auth"], current_user)

if @user.persisted?
  sign_in_and_redirect @user, :event => :authentication
  set_flash_message(:notice, :success, :kind => "twitter") if is_navigational_format?
else
  session["devise.twitter_data"] = request.env["omniauth.auth"]
  redirect_to new_user_registration_url
end

devise.rb

require "omniauth-twitter"


config.omniauth :twitter, 'xxxxxxx', 'xxxxxxxxxxxk', :strategy_class => OmniAuth::Strategies::Twitter

user.rb

def self.from_omniauth(auth)
where(auth.slice(:provider, :uid)).first_or_initialize.tap do |user|
  user.provider = auth.provider
  user.uid = auth.uid
  user.name = auth.info.name
  user.oauth_token = auth.credentials.token
  user.oauth_expires_at = Time.at(auth.credentials.expires_at)
  user.save!
end

def self.find_for_provider_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
  user = User.create(name:auth.extra.raw_info.name,
                     provider:auth.provider,
                     uid:auth.uid,
                     email:auth.info.email,
                     password:Devise.friendly_token[0,20],
                     invite_code:"42TXP"
                     )
end
user

Answer 1

Use: .except("extra")

session["devise.twitter_data"] = request.env["omniauth.auth"].except("extra")

It removes a big part from the cookie that is simply not needed.

Answer 2

It is what you put in the session in the else part of save

session["devise.twitter_data"] = request.env["omniauth.auth"]

It's probably too big for a cookie. You should save that information somewhere else. Or don't keep it.

Answer 3

I recently had a similar problem after following the method in https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview, I hope this can help you.

In the OmniauthCallbacksController, instead of:

@user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)

I use:

@user = User.find_for_facebook_oauth(request.env["omniauth.auth"].provider, request.env["omniauth.auth"].uid, request.env["omniauth.auth"].extra.raw_info.name, request.env["omniauth.auth"].info.email, current_user)

In the user model :

def self.find_for_facebook_oauth(provider, uid, name, email, signed_in_resource=nil)
user = User.where(:provider => provider, :uid => uid).first
unless user
    user = User.create(:name => name,
                     :provider => provider,
                     :uid => uid,
                     :email => email,
                     :password => Devise.friendly_token[0,20]
                     )

  end
  return user
end

Also in OmniauthCallbacksController make sure you avoid using request.env["omniauth.auth"], use request.env["omniauth.auth"].uid instead.