Monday, August 30, 2010

Authlogic browser stuck (hang) on login (authlogic_facebook_connect)

The Issue

I am integrating Facebook Connect with my application, which uses authlogic, facebooker, and the authlogic_facebook_connect plugin. After I log in with Facebook, I get redirected to the front page of the site (as per my code), but the page never loads: it hangs. Looking at the development log, I see that something is continuously trying to load a user from the database.

The Explanation

This isn't specifically an authlogic_facebook_connect issue, but rather an issue in authlogic: it should just create a persistence_token in the database if it doesn't find one, not continuously try to find the user with a non-existent persistence_token.
Since I'm only using Facebook Connect for my site, though, the initial persistence_token creation that takes place during a regular registration never occurs.

The Fix

1. First of all, let's make sure that the database field cannot be set to null so we get a database error if it is null at any point. Make sure that your persistence token's null parameter is set to false when you create the users table, as such:


2. Let's make the authlogic_facebook_connect plugin force a persistence_token reset when a user gets created.
Inside vendor/plugins/authlogic_facebook_connect/lib/authlogic_facebook_connect/session.rb, locate the validate_by_facebook_connect method.
Locate the lines:



And add another line underneath them to get the final result:



Now a persistence_token gets created when a user gets registered, and it's never NULL from that point on.


3. Finally, modify your existing database users' authenticity_token to anything other than NULL (e.g. RoRIsFun), so that the next time they log in, the browser hang doesn't happen. I personally had nothing in my database, so I just dropped and migrated again, as such:



Update: Just found out that specifically with authlogic_facebook_connect, the regular flow leads to an inaccurate login_count (users are initially logged in twice). To solve this problem (and the previous problem), simply change

into


This makes sure you're only logged in once to the site, and that the user model gets validated. It also causes reset_authenticity_token to be invoked automatically by authlogic's normal validation flow. This was originally disabled by authlogic_facebook_connect for reasons that are beyond me.
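Step 3 gives existing users a fixed non-NULL token. Because Authlogic uses the persistence token to recognise a returning session, the added Ruby example below (not code from the original post or from Authlogic) backfills a separate random value per account instead. It assumes in-memory rows standing in for the users table, hypothetical helper names, and `SecureRandom.hex(64)` as the token format.

```ruby
require 'securerandom'

# Constructed sample rows standing in for the users table (not real data).
SAMPLE_USERS = [
  { id: 1, persistence_token: nil },         # never set (Facebook-only signup)
  { id: 2, persistence_token: '' },          # blank
  { id: 3, persistence_token: 'RoRIsFun' },  # shared placeholder
  { id: 4, persistence_token: 'RoRIsFun' },  # shared placeholder
  { id: 5, persistence_token: 'a' * 128 }    # already has its own token
].freeze

# Hypothetical helper: 128 hex characters from the system CSPRNG.
# The length is an assumption, not a value taken from the post.
def new_persistence_token
  SecureRandom.hex(64)
end

# Ids of rows whose token is NULL, blank, or shared with another row.
def ids_needing_token(rows)
  counts = Hash.new(0)
  rows.each { |r| counts[r[:persistence_token]] += 1 }
  stale = rows.select do |r|
    token = r[:persistence_token]
    token.nil? || token.empty? || counts[token] > 1
  end
  stale.map { |r| r[:id] }
end

# Returns new rows in which every stale token is replaced by a fresh,
# unique random one; rows that already had their own token are untouched.
def backfill_persistence_tokens(rows)
  stale  = ids_needing_token(rows)
  in_use = rows.map { |r| r[:persistence_token] }
  rows.map do |row|
    next row.dup unless stale.include?(row[:id])
    fresh = new_persistence_token
    fresh = new_persistence_token while in_use.include?(fresh)
    in_use << fresh
    row.merge(persistence_token: fresh)
  end
end

fixed = backfill_persistence_tokens(SAMPLE_USERS)
puts "rewrote ids #{ids_needing_token(SAMPLE_USERS).inspect}, " \
     "#{ids_needing_token(fixed).size} still stale"
```

In a Rails application the same selection would run over the real users table from a migration, and Authlogic's own `reset_persistence_token!` on each model instance can take the place of the hypothetical helper.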
