I'm using Devise and OmniAuth (Facebook) in a Rails 3 app. I just started noticing this behavior recently.
When a user signs in, he is redirected to his dashboard, however, the characters "#_" are being appended to the url. The only thing I can think of now is a conflict between the routes created by:
resources :users
and
# User Authentication
devise_for :users,
:singular => :user,
:controllers => {:registrations => 'registrations'} do
get 'logout' => 'devise/sessions#destroy'
end
OmniAuth is a library that standardizes multi-provider authentication for web applications. It was created to be powerful, flexible, and do as little as possible. Any developer can create strategies for OmniAuth that can authenticate users via disparate systems.
Devise is a well known solution for authentication in Rails applications. It's full featured (it not only adds authentication but also password recovery, email changing, session timeout, locking, ip tracking, etc.) and can be expanded to add even more (like JWT authentication).
Devise is the cornerstone gem for Ruby on Rails authentication. With Devise, creating a User that can log in and out of your application is so simple because Devise takes care of all the controllers necessary for user creation ( users_controller ) and for user sessions ( users_sessions_controller ).
Is this only happening with Facebook? If so it is probably related to: https://developers.facebook.com/blog/post/552/. Notice how Facebook outlines that they changed the session redirect handling to append a #_=_
to responses. I'm not sure why this was done, however you may be able to fix it by supplying an explicit redirect url.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With