Angular/Ionic/Phonegap app with rails API web service Auth - ruby-on-rails

I have recently decided to experiment with Angular/Ionic/Phonegap with a Rails API Web Service as backend, to create my first mobile app.
I am from a Rails background and usually use Devise to handle my user authentication/User object to which I assign Roles using Rolify.
Doing some reading, it seems to me that this is not the same methodology that I would have to follow for a mobile app as seen in this question? What I would ideally like to have, is for users to sign in / up using their Facebook accounts, which would create their User record. My web service will then assign the required roles etc.
So my question:
Should I be using Devise/Rolify/Pundit ?
Is there a better/more efficient way to handle this process using this stack?
Thanks

You can use Devise with the omniauth-facebook gem. There are some nice articles out there on how to implement.
Along with this question you should hopefully be able to work it out.

Any backend auth service should really work fine. We use Devise and have found it to work well with angular and ionic. We recently wrote a tutorial on how to set up Ionic with Devise that you might find useful.

Related

Best authentication strategy for Ruby on Rails API only server (with ActiveAdmin)

I have a project where I want to develop the frontend in Next.js (requests based on fetch API from JS) and the backend in RoR and I am having a hard time to get the User authentication to work. I have researched and found four possible solutions:
Sessions and cookies
JWT
devise_token_auth
devise-jwt
I have tried to implement some of them but i always end up getting a server error on client requests at some point. I would like to know if anyone has any resources where I can get to know more about and learn more about it so I can implement such authentication in my project.
If I could take advantage of devise would be even better, since I already have it setup for ActiveAdmin (wanna use the admin dashboard)
Thanks a lot in advance.
I used to use devise, but have since moved to AWS Cognito which handles everything for you and is customizable as needed. You might look into it.
https://aws.amazon.com/cognito/

Angular2 - Authentication with auth0 or rails?

Cause i'm new to the whole angular (specific angular2) thing i wonder about something.
I want to build an "api" backend with rails 5 as they released the api mode and my frontend with angular2. Because i'm used to rails i wanted to implement a devise user authentication and because i'm new to angular2 i searched for a way to authenticate the user against my rails/devise backend.
But all i find are tutorials about angular2 and auth0, which i never heared before.
So my question is, is it "normal" to user angular2 with auth0 authentication?
And when i use auth0 my user data are not in my database right? So how do i create relationships with my rails models?
Would be great if someone can explain that to me or link me some article if they exists.
Auth0 is one of the many choices available to you. If you'd like to use Auth0 but store credentials in your own database, there is a tutorial for setting that up with Auth0.
So it can be normal to use Auth0, and you can also have your user data available in your own database-- do keep in mind you'll need to secure user credentials thoroughly when storing them yourself though!
I've also faced the same problem and considered Devise (going so far as setting up a Rails+Devise landing page that redirected users to the Angular app after successful login). After much pain I have come to the same recommendation as Kassandra, that using JWT authentication is the way to go.
However, if you plan to use Auth0 note that after 7000 users have signed up you will need to upgrade. This may not be a problem for you but since I plan to deploy something substantial it's a decision I had to think about.

Is there an elegant way to integrate code performing authentication on other php site into Devise?

I am developing Rails application, in which I need to authorize users from other site written on PHP.
The APIs of PHP site written by its developer are custom i.e. they are not OmniAuth or similar.
I wonder, if there is elegant way to somehow integrate my code sending/receiving JSON responses to/from PHP site into Devise, so it could work like I am doing authentication of users in usual Devise way from my app.
Thanks.
Here is the link to official answer, I got from Devise maintainers: https://groups.google.com/d/msg/plataformatec-devise/lB4e0nYiM_U/RPDReqjO67QJ. Which means, the short answer is NO.

Best solution for mobile app <-> Rails app authorization/authentication

I'm current designing a Rails application that uses a form for user login, then persists session information in a cookie. However, I plan on a bulk of the interaction with the Rails application to be via a mobile app instead of a web browser.
What is the best way to accomplish user auth? I suppose I could save a cookie with my app. Or perhaps authenticate with every request. Perhaps there's a gem for this?
Check out the Devise gem.
It's REALLY good, supported by people that really know about Rails, and I guess I could say it's become the "industry standard" for these matters.
Devise on GitHub

How do I create a Stack Overflow-like registration process?

I am wondering how I can build the registration process like we have in Stack Overflow, where a user can login using one of several already existing accounts? I would prefer using Rails as a technology platform.
Are you looking for this?
http://testingauth.heroku.com/
I'm not sure this is exactly what you need, but the devise module, available on github, makes it very easy to build a authentication system in a rails application.
For authorization, another great module is called "cancan". You might need that too.
Check out OmniAuth. There are a few railscasts describing it.
You can use omniauth gem to implement openId auth. Also, it possible to extend your existing user auth systems. See great screencast about this at railscast: OmniAuth Part 1

Resources