Using Devise + OmniAuth for Twitter OAuth 2 - ruby-on-rails

I'm using devise (4.8.1) and omniauth-twitter and I have "Login with Twitter" working. A user can sign in (a User is created if it doesn't exist yet), the session is persisted and I can store their access token in the database to do further API requests.
For some new Twitter API endpoints I have to upgrade to OAuth 2:
https://developer.twitter.com/en/docs/authentication/oauth-2-0
I'm wondering what the current way of accomplishing that is. I can see there's an omniauth-oauth2 gem, but I don't see how this hooks into Twitter and Devise.
I could just implement the callback endpoints from Twitter's OAuth 2, but I'm unsure how I'd then feed that information to Devise so it takes care of the session persistence.
Any idea where to start?
Thanks!

Related

How to integrate Google authentication with Devise gem?

I'm setting up a rails app with both normal signup and google authentication combined. For normal Signup, I will use Devise gem and I want to integrate an optional google login. How do I integrate Devise Authentication and Google Authentication properly?
For my rails applications, I have implemented Google authentication alone successfully and I have also implemented Devise Authentication successfully. But I don't know how to combine both together with a single "User" table for user records.
The expected login is this:
https://prnt.sc/m004wf
You need to use omniauth-oauth2 and omniauth-google-oauth2.
Implementation is provided in it.
For Facebook login, you can use omniauth-facebook.
Also, you have to create a project on the Google Cloud Console to use Google Plus authentication, where you can get the OAuth client ID and secret key which will be used in your application.
You can certainly do that, using the devise_two_factor gem.

Integrating Facebook and Google Login to an existing REST API in Ruby on Rails

I have a REST API written in Ruby on Rails which has a regular SignUp and SignIn via a username and password. The SignUp and SignIn flows are currently handled through the "devise" and "simple_token_authentication" Ruby gems.
Now I need to integrate Facebook and Google Login into the existing SignUp and SignIn flows. Therefore, I'm looking for a recommendation to implement this easily.
I have already done some research and found that I could use Koala for Facebook integration, and I personally feel like Koala is a heavy gem only to handle Facebook Login.
Would you recommend using it, or does anyone else have an alternative approach? Or would even writing custom code to validate the Facebook access token on the server end and sending the application-specific authentication token back to the client be better?
PS: Is there a possibility of using the Omniauthable module in Devise to authenticate Facebook and Google users via the REST API?

using omniauth with mobile flow

In a working project on Rails 4, the omniauth gem is used for social authorization. Some social networks are connected and the appropriate gems are used:
- omniauth-facebook
- omniauth-instagram
- omniauth-google-oauth2
Now there is a task to add an API for mobile authorization, where the scheme is somewhat different:
- client starts the OAuth flow with Facebook (using a login button etc.)
- client gets an access token and posts it back to the server
- server looks up the user via a (FB/Instagram/Google) API call with the token
- server does a lookup/create of the user based on uid & provider
- user is logged in if the user association lookup is successful
Please help me with how to use the access token received from mobile in omniauth without duplicating the functionality.
I solved the problem by monkey patching the build_access_token method; in this method I check for the presence of the params[:access_token] parameter.
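The server-side part of the mobile flow described above, as an added example that is not part of the original posts: before looking up or creating a user by provider and uid, the server checks that the posted token is valid, unexpired and was issued to its own app. The field names follow the response of Facebook's Graph API `debug_token` endpoint; the HTTP call is left out, and `APP_ID`, `USERS`, the function names and the sample bodies are hypothetical, constructed values.

```ruby
require "json"

APP_ID = "1234567890" # constructed placeholder for this app's Facebook app id
USERS = {}            # in-memory stand-in for a users table keyed by [provider, uid]

# Validate the JSON body returned by the provider's token-inspection call.
# Returns the provider uid, or raises if the token must not be trusted.
def verify_debug_token(json_body, now: Time.now.to_i)
  data = JSON.parse(json_body).fetch("data", {})
  raise ArgumentError, "token not valid" unless data["is_valid"] == true
  # Reject tokens issued to any other app: a valid token for someone else's
  # app does not prove that the user logged in to this one.
  raise ArgumentError, "token issued to a different app" unless data["app_id"].to_s == APP_ID
  expires = data["expires_at"].to_i # assumption: 0 means a non-expiring token
  raise ArgumentError, "token expired" if expires != 0 && expires <= now
  uid = data["user_id"].to_s
  raise ArgumentError, "missing user id" if uid.empty?
  uid
end

# Lookup/create keyed on provider + uid, never on client-supplied profile data.
def find_or_create_user(provider, uid)
  USERS[[provider, uid]] ||= { provider: provider, uid: uid, id: USERS.size + 1 }
end

def mobile_sign_in(provider, debug_token_body, now: Time.now.to_i)
  uid = verify_debug_token(debug_token_body, now: now)
  find_or_create_user(provider, uid)
end

# Constructed sample responses (not real tokens or ids).
GOOD = { data: { app_id: APP_ID, is_valid: true, user_id: "42",
                 expires_at: 2_000_000_000 } }.to_json
OTHER_APP = { data: { app_id: "999", is_valid: true, user_id: "42",
                      expires_at: 2_000_000_000 } }.to_json

if __FILE__ == $PROGRAM_NAME
  p mobile_sign_in("facebook", GOOD, now: 1_700_000_000)
  begin
    mobile_sign_in("facebook", OTHER_APP, now: 1_700_000_000)
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

In a Rails app the record returned by `mobile_sign_in` would be handed to Devise's `sign_in` helper or used to issue the API's own authentication token.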

What are the different methods that I can use to authenticate a user from a Rails server which is the backend of an iOS app?

I use Rails as the backend for iOS applications. So far I have been using Devise, as it looks flexible and comfortable to use with little effort. I have also read about OmniAuth, and that too looks easy to integrate with Devise. My question is: consider that my iOS app requires authentication, and the following are the different methods that I should allow the user to use:
- Login using email and password
- Login using Facebook account
- Login using Twitter account
Login using email can be handled by Devise itself, but how about login using Facebook and Twitter? Actually, in one of my projects I came up with the following approach, which has all three of these login processes. The iOS app authenticates the user from the device (not Devise) itself and sends the user information like username, email etc., whatever is required, along with the auth type, so I save this as a separate user with the username that is sent and one of the fields as the password. The next time he sends me these details, I allow him to log in to the app. But now I realised this is not the best way to do it. I read about FBgraph, which can be used to verify the access token validity, so should I get the token from the user, then verify it, get the profile information, save it in the user model and give them the token?
Also, I have another doubt: for login using email and password, I allow the user to log in through email and password, and then for each request the user sends me the username and password. Is this all right, or do I have to create a token in the login request and send the token as the response, so the user can send the token for all the other requests he makes?
Sorry if it is confusing, but in short I need to know what I should do if I have all these three login processes. Any help is greatly appreciated. Thank you.
There are a couple of things to consider when dealing with external applications, like those on other devices:
- You should use an API to communicate with your Rails server.
- Your server should send an authentication token after the first user authentication using his email and password. It is not a good idea to send the user's email and password for each request.
Devise
Devise is great for authentication both in-app and for remote applications using the token_authenticatable hook. This will allow any registered user to have a unique secret token to use in order to be authenticated on your server.
More information here
OAuth2
OAuth2 is becoming the standard way to authenticate on remote services, giving the user the possibility to use his Facebook account to log in, for example.
This would be the easier way to allow your users to authenticate using their Facebook or Twitter account (note that Twitter will not give you the user's email address).
Devise can handle OAuth2 clients.
Finally, you could also create your own OAuth consumer to authenticate users using your service. Doorkeeper is a great gem to protect your API endpoints and to allow users to use OAuth2.
Conclusion
Devise is great for authentication. Using their token module coupled with OAuth2 integration could do the trick in your case.
Here is the OmniAuth wiki page from Devise
Here is the Simple Token Authentication wiki page from Devise

Rails - Using twitter oAuth for logging in users

I use Twitter oAuth to allow users to signup for my site.
I have the user's access_token, access_secret from their signup stored.
When the user wants to return to the site and login to their account, how do I authenticate them using twitter login/password?
I do not want to ask users to give access like:
- give access to example.com to read/write your stuff on twitter
The user already has signed up using their twitter credentials, how do I reuse it instead of asking them to create a separate password?
I would rather not venture towards authlogic in addition to oauth
Currently, if the user is already logged into Twitter, I can authenticate him using the access_token, access_secret. What if he is not logged in?
How do I prompt for username/password for twitter and authenticate for my app?
Thanks for your help.
Try using the OmniAuth gem. It makes doing that pretty straightforward.
If you don't want another gem dependency, you could probably code up your own functionality based on what they do with their Twitter strategy and abstract OAuth logic.
This RailsCasts episode demonstrates how to create a simple authentication system that only requires an OAuth verification, without the need for a separate user account maintained by your app.
