Rails Single Sign On - ruby-on-rails

I'm kinda stuck right now with how to use single sign on in a specific scenario. So what I need to have is the following:
Apple ID-like SSO (using Rails)
Multiple Rails API apps with separate React frontends
Ability to activate/deactivate access to the apps
I've been using the doorkeeper gem so far but I don't know how to limit (activate/deactivate) access to the applications.
Hope somebody can help me out!

Related

Using rails as the omniauth provider

I'm not entirely sure what to google. It seems everything I have googled just shows me links to how to leverage omniauth to authenticate with other sites (Facebook, Twitter, GitHub etc.). That's simple and easy. What I want is how to build that feature in a Rails app, the functionality that those sites (Facebook, Twitter, GitHub) have that allows third-party auth.
Here's the feature I'd like to build:
I have two separate applications, applications A and B. Let's say application A is the rails app that I want providing the authentication. And application B is using omniauth to login through application A.
How do I get started building that feature for application A?
Now, that's a loaded question, but if anyone could point to a resource I could start with that would be amazing! Thanks.

Authentication with an Existing External API

I am building a Ruby on Rails (Rails - v4.2.3 & Ruby 2.2.2) App which consumes an existing REST API.
The aforementioned API is written in PHP.
I need help regarding how to manage the authentication.
On searching through various forums I came across these two gems
https://github.com/lynndylanhurley/devise_token_auth
https://github.com/gonzalo-bulnes/simple_token_authentication
The problem I am facing with both is that they require my app to have a users model configured (using Devise).
However, my app is primarily a front end for the existing REST API, so if I do configure my own User model, I will end up with two data stores (one for the app I make and the other for the existing API).
I wish to consume the external API and not have any native models for my APP.
I believe I can use ActiveResource for this (I need more reputation points to post a link to the gem, sorry I cannot do that right now, I am new to StackOverflow):
However I am not sure how to go about managing the security of the application. More specifically what measures can I take to prevent the authentication information from being viewed in plaintext while it is being transmitted to my API server for authentication?
Thank You.
Use HTTPS on your API. If your external API is using HTTPS then user info wouldn't be sent in plaintext from your Rails app.
Don't forget to use HTTPS for your Rails app too, as that is more important.

Angular/Ionic/Phonegap app with rails API web service Auth

I have recently decided to experiment with Angular/Ionic/Phonegap with a Rails API Web Service as backend, to create my first mobile app.
I am from a Rails background and usually use Devise to handle my user authentication/User object to which I assign Roles using Rolify.
Doing some reading, it seems to me that this is not the same methodology that I would have to follow for a mobile app as seen in this question? What I would ideally like to have, is for users to sign in / up using their Facebook accounts, which would create their User record. My web service will then assign the required roles etc.
So my question:
Should I be using Devise/Rolify/Pundit ?
Is there a better/more efficient way to handle this process using this stack?
Thanks
You can use Devise with the omniauth-facebook gem. There are some nice articles out there on how to implement.
Along with this question you should hopefully be able to work it out.
Any backend auth service should really work fine. We use Devise and have found it to work well with angular and ionic. We recently wrote a tutorial on how to set up Ionic with Devise that you might find useful.

Devise & ActiveResource

I want to have one database for a few projects, and only one of them has a direct connection to the DB. First of all I want to implement user authentication.
It should work over REST, without connecting to the database. Do you have any experience with the devise gem working together with ActiveResource? Thank you.
Sounds like you're looking for a single-sign-on solution. What you can do is set up one application to have a REST API, and enable single sign on for it which the others can utilize to connect to it. Try looking at this railscast about Single Sign On using OpenID.

how do I share authentication on a rails/rack app with a node.js instance?

I have been trying to figure out how to integrate a node.js app into a Rails app and having them share sessions. I've so far only been able to dig up sharing sessions between Sinatra and Ruby on Rails via Rack middleware. Is it possible to do this?
I thought of a workaround involving the RoR app implementing a REST service that "poops" out a GUID that node.js can use to create its own session. This solution however requires having model validations and such stored in two separate apps.
Just wondering if there was a way to integrate them.
And while using a JS-based web framework like geddy or express is cool, I have a lot of existing Rails code and 3rd party libraries such as active merchant that I would have to reinvent.
How about using something like memcached to share a validation mechanism? For example, set a session in Rails, and for every message to the Node.js server a token is given; Node.js checks on memcached if the token exists and grants or denies based on that. You would of course add the record on memcached from the Rails app.
Isn't that the same as sharing authentication between two different domains like OpenID, Facebook Connect, Twitter sign-in?
From the Rails site do an OpenID-like redirect to node.js with the authentication information encrypted inside the URL, and vice versa?
I am wondering if it is not possible to use the Custom OAuth Provider Strategy from connect-auth, and vice versa, because connect-auth is "Authentication middleware for connect". I haven't figured the complete details out, but this might be an option?
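The "authentication information encrypted inside the URL" handoff suggested above, as an added example that is not from any of the posters: the issuing side seals the user id, an expiry and a nonce with AES-256-GCM under a key both apps share (assumed to be loaded from each app's configuration; constructed here), and the receiving side rejects anything tampered with or expired. Both halves are written in Ruby so the example stays in one language; the Node.js side would do the same GCM decryption with its crypto module.

```ruby
require "openssl"
require "base64"
require "json"
require "securerandom"

# Shared key for the example. Assumption: in real deployments both apps load the
# same 32-byte random key from configuration; this constructed value only
# derives one deterministically so the block runs stand-alone.
SHARED_KEY = OpenSSL::Digest::SHA256.digest("example-shared-secret-change-me")

# Issuing side (the Rails app in the thread): seal the auth info for the redirect.
# GCM gives confidentiality plus an authentication tag, so a modified query
# parameter fails to decrypt; the short expiry bounds replay of a leaked URL.
def build_handoff(user_id, ttl_seconds: 60)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = SHARED_KEY
  iv = cipher.random_iv # 12 random bytes, fresh per token
  payload = { uid: user_id, exp: Time.now.to_i + ttl_seconds,
              nonce: SecureRandom.hex(8) }.to_json
  ciphertext = cipher.update(payload) + cipher.final
  # Layout: iv (12 bytes) | tag (16 bytes) | ciphertext, URL-safe base64 encoded
  Base64.urlsafe_encode64(iv + cipher.auth_tag + ciphertext, padding: false)
end

# Receiving side (the node.js app in the thread): returns the user id when the
# token authenticates and is still valid, nil for anything malformed, forged
# or expired. `now` is injectable so expiry can be checked deterministically.
def verify_handoff(token, now: Time.now.to_i)
  raw = Base64.urlsafe_decode64(token)
  return nil if raw.bytesize < 28 # too short to hold iv + tag
  iv, tag, ciphertext = raw[0, 12], raw[12, 16], raw[28..-1]
  decipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  decipher.key = SHARED_KEY
  decipher.iv = iv
  decipher.auth_tag = tag # must be set before final; mismatch raises CipherError
  data = JSON.parse(decipher.update(ciphertext) + decipher.final)
  return nil if data["exp"] < now
  data["uid"]
rescue OpenSSL::Cipher::CipherError, ArgumentError, JSON::ParserError
  nil
end
```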