Facebook Login Error: CSRF detected

Hi!

My users cannot log in with Facebook anymore. This is the error log:

(facebook) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

I’m using Cloudflare in front of nginx. I’m using Cloudflare automatic SSL (flexible). I didn’t install any certificate on my server (i.e. I’m not using Letsencrypt).

Is this related to Cloudflare? Can this be solved without installing Letsencrypt?

Thanks!

This error is similar both for Google and Facebook. In my configuration there was a line in nginx:

# proxy_set_header X-Forwarded-Proto $https;

After I changed it to

proxy_set_header X-Forwarded-Proto $scheme;

the error went away.

Solution was found after reading this topic: Redirect URI mismatch in Google Auth

2 likes

I have to improve my answer.

After trying FB and Google authentication, I settled on Office365 login because of company policy.

When I put my discourse server behind a proxy (see the figure below), O365 authentication stopped working. It requires force https to be enabled, and that option has no effect behind a proxy. Thanks to Daniel for solving this: https://meta.discourse.org/t/moved-site-behind-proxy-favicon-and-header-not-using-https-anymore/131486/11.

The line in the internal Nginx configuration

proxy_set_header X-Forwarded-Proto $scheme;

should be replaced with

proxy_set_header X-Forwarded-Proto "https";

The external Nginx needs no such change. It has:

proxy_set_header X-Forwarded-Proto $scheme;

FB, Google and other kinds of authentication probably have the same problem.

P.S.

Apparently that string contains a typo, $, and is useless.

1 like
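Both answers above come down to the same mechanism: the value nginx puts in X-Forwarded-Proto decides which scheme a Rack-based app such as Discourse believes it is served on, and OmniAuth builds the redirect_uri it sends to Facebook/Google/O365 from that scheme. The following Ruby script is an added example, not code from the thread or from Discourse, Rack or OmniAuth. It models the three nginx directives quoted in the two posts ($https, $scheme and the literal "https") and resolves the scheme the way Rack::Request#scheme does as I understand it (only http/https/ws/wss are accepted from the header; anything else falls back to the scheme of the hop itself). The host forum.example.com, the callback path and the registered redirect URI are constructed placeholders.

```ruby
# Added example: how nginx's X-Forwarded-Proto setting drives the scheme a
# Rack/OmniAuth app uses for its OAuth callback URL. Not part of the thread.

# Values Rack accepts from X-Forwarded-Proto (mirrors Rack's allowed-scheme
# list as I understand it); "on" from a mistaken $https is not one of them.
ALLOWED_SCHEMES = %w[https http wss ws].freeze

# Header value each directive from the thread makes nginx send, given whether
# the hop *into* this nginx is TLS. It is not under Cloudflare "Flexible" SSL,
# and not for an inner nginx that an outer nginx proxies to over plain HTTP.
def nginx_forwarded_proto(directive, tls_at_origin:)
  case directive
  when /\$https;/  then tls_at_origin ? 'on' : ''  # $https is "on" or empty, never "https"
  when /\$scheme;/ then tls_at_origin ? 'https' : 'http'
  when /"https";/  then 'https'                     # hard-coded, independent of the hop
  else raise ArgumentError, "unknown directive: #{directive}"
  end
end

# Mirrors Rack::Request#scheme: HTTPS=on or X-Forwarded-Ssl=on win; then the
# first token of X-Forwarded-Proto if it is an allowed scheme; otherwise the
# scheme of the TCP hop itself (rack.url_scheme). nginx drops a header whose
# value is empty, which ends in the same fallback.
def rack_scheme(env)
  return 'https' if env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_SSL'] == 'on'
  forwarded = env['HTTP_X_FORWARDED_PROTO'].to_s.split(',').first.to_s.strip
  return forwarded if ALLOWED_SCHEMES.include?(forwarded)
  env['rack.url_scheme']
end

# The redirect_uri OmniAuth derives: scheme + Host header + callback path.
def callback_url(env, path = '/auth/facebook/callback')
  "#{rack_scheme(env)}://#{env['HTTP_HOST']}#{path}"
end

# Constructed Rack env as the backend would see it for a given nginx directive.
def env_for(directive, tls_at_origin: false, host: 'forum.example.com')
  {
    'rack.url_scheme' => tls_at_origin ? 'https' : 'http',
    'HTTPS' => tls_at_origin ? 'on' : 'off',
    'HTTP_HOST' => host,
    'HTTP_X_FORWARDED_PROTO' => nginx_forwarded_proto(directive, tls_at_origin: tls_at_origin),
  }
end

# Will the redirect_uri the app sends match the one registered at the provider?
def redirect_uri_ok?(directive, registered, tls_at_origin: false)
  callback_url(env_for(directive, tls_at_origin: tls_at_origin)) == registered
end

# Placeholder for the redirect URI registered in the Facebook/Google app (constructed).
REGISTERED = 'https://forum.example.com/auth/facebook/callback'.freeze

DIRECTIVES = [
  'proxy_set_header X-Forwarded-Proto $https;',
  'proxy_set_header X-Forwarded-Proto $scheme;',
  'proxy_set_header X-Forwarded-Proto "https";',
].freeze

if __FILE__ == $PROGRAM_NAME
  [false, true].each do |tls|
    puts "hop into nginx is #{tls ? 'TLS' : 'plain HTTP'}:"
    DIRECTIVES.each do |d|
      url = callback_url(env_for(d, tls_at_origin: tls))
      puts format('  %-46s -> %-50s %s', d, url, url == REGISTERED ? 'OK' : 'MISMATCH')
    end
  end
end
```

Run it and the table shows why the two posts disagree: $scheme is correct only when the connection into that nginx is itself TLS (for example Cloudflare "Full" mode with an origin certificate); on a plain-HTTP hop, as under Flexible SSL or for an inner nginx behind an outer one, it reports http and the provider sees a redirect_uri that differs from the registered https one. The hard-coded "https" works regardless of the hop, but only because it tells the app to trust that every request arrived over TLS; use it only when nothing untrusted can reach that nginx over plain HTTP, otherwise the app will issue Secure session cookies and https links for requests that were actually cleartext.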