I have an app made with Rails 4. I want to add a blog made with Drupal 7. It hasn't been in production yet so no users are stored. I want the users to be able to comment in Drupal 7 with the same email / password (and ideally sessions) that with Rails 4. From my point of view, maybe the solution may come from setting the table that Devise uses to the one Drupal creates, and then copying the encryption salt of the Drupal installation, or maybe using the same OAuth login for both sites, like Google or Facebook, but I would need specific registration for this app.
I know there is a similiar question: Import Drupal user accounts into Rails without requiring users change their passwords but in my case I the users to work both ways.
Any ideas would be appreciated, thanks.
I would go for a clean solution. Whatever login feature you have in rails ( be it implemented by hand, devise or any other), allow it to login users using a GET request (i.e. Embedding the authentication details in the url). This way, you will be using the Rails application as an API for the blog and you will not have to expose the user credentials.
Related
I currently have a productive web based Rails 6 application using devise for authentication.
I now have the requirement to implement API access to the same webapp.
Ideally:
There would be a separate auth link. (i.e. web access through http://<app_url>/users/sign_in and api login through http://<app_url>/api/v1/login
The intention is to receive user & password on the login and reply, once it's valid, a token with a certain validity (still uncertain if this should be in terms of days or weeks)
The api access with a valid token, should result in bypassing devise and granting the access.
I have implemented more than one solution available in forums, but none worked on Rails 6.
The options I have tried include using devise-jwt gem.
Any help on directions to overcome this are highly appreciated. I'm stuck in this scenario for a few days now.
Edit
I have tried some online options, but either bc I have a limited skill with rails or bc these don't work on Rails 6, I'm not getting any feasible state that I can use to move forward.
I'm not entirely sure what to google. It seems everything I have googled just show me links to how to leverage omniauth to authenticate with other sites(facebook, twitter, github etc etc). That's simple and easy. What I want is the how to build that feature in a rails app, the functionalities that those sites (facebook, twitter, github) have that allow third party auth.
Here's the feature I'd like to build:
I have two separate applications, applications A and B. Let's say application A is the rails app that I want providing the authentication. And application B is using omniauth to login through application A.
How do I get started building that feature for application A?
Now, that's a loaded question, but if anyone could point to a resource I could start with that would be amazing! Thanks.
Cause i'm new to the whole angular (specific angular2) thing i wonder about something.
I want to build an "api" backend with rails 5 as they released the api mode and my frontend with angular2. Because i'm used to rails i wanted to implement a devise user authentication and because i'm new to angular2 i searched for a way to authenticate the user against my rails/devise backend.
But all i find are tutorials about angular2 and auth0, which i never heared before.
So my question is, is it "normal" to user angular2 with auth0 authentication?
And when i use auth0 my user data are not in my database right? So how do i create relationships with my rails models?
Would be great if someone can explain that to me or link me some article if they exists.
Auth0 is one of the many choices available to you. If you'd like to use Auth0 but store credentials in your own database, there is a tutorial for setting that up with Auth0.
So it can be normal to use Auth0, and you can also have your user data available in your own database-- do keep in mind you'll need to secure user credentials thoroughly when storing them yourself though!
I've also faced the same problem and considered Devise (going so far as setting up a Rails+Devise landing page that redirected users to the Angular app after successful login). After much pain I have come to the same recommendation as Kassandra, that using JWT authentication is the way to go.
However, if you plan to use Auth0 note that after 7000 users have signed up you will need to upgrade. This may not be a problem for you but since I plan to deploy something substantial it's a decision I had to think about.
I have recently decided to experiment with Angular/Ionic/Phonegap with a Rails API Web Service as backend, to create my first mobile app.
I am from a Rails background and usually use Devise to handle my user authentication/User object to which I assign Roles using Rolify.
Doing some reading, it seems to me that this is not the same methodology that I would have to follow for a mobile app as seen in this question? What I would ideally like to have, is for users to sign in / up using their Facebook accounts, which would create their User record. My web service will then assign the required roles etc.
So my question:
Should I be using Devise/Rolify/Pundit ?
Is there a better/more efficient way to handle this process using this stack?
Thanks
You can use Devise with the omniauth-facebook gem. There are some nice articles out there on how to implement.
Along with this question you should hopefully be able to work it out.
Any backend auth service should really work fine. We use Devise and have found it to work well with angular and ionic. We recently wrote a tutorial on how to set up Ionic with Devise that you might find useful.
I'm current designing a Rails application that uses a form for user login, then persists session information in a cookie. However, I plan on a bulk of the interaction with the Rails application to be via a mobile app instead of a web browser.
What is the best way to accomplish user auth? I suppose I could save a cookie with my app. Or perhaps authenticate with every request. Perhaps there's a gem for this?
Check out the Devise gem.
It's REALLY good, supported by people that really know about Rails, and I guess I could say it's become the "industry standard" for these matters.
Devise on GitHub