I want to make a app that logs in only using google, is it required to use devise? how would i go about it, documents only show example with devise.
Thank you
Devise is not required, but assuming you want some reasonable level of security you're going to want to use Devise rather than hand-rolling an authentication framework using just Google OAuth2 and some custom table setup.
Devise + omniauth-google-oauth2 = simple, clean Google authentication.
In my opinion you're much better off using Devise to handle this stuff. The amount of work already done by others that you'll end up duplicating by hand-rolling a solution is absurd.
And if you decide later that you want to add Facebook, Twitter or simple username/password authentication, the work is already done for you.
Devise is not required. The easiest way to do this would be with the omniauth-google-oauth2 gem.
Directions are available on the project's github page.
Related
I am researching on how to add protection to an existing rails app. The protection i need is to restrict two people log in with the same user credentials at any given time.
What would be the best approach around this?
I haven't seem to find any gem or something in particular.
Note that i am not using Devise but custom user authentication so please do not suggest anything related to devise.
I have an existing rails app with Mongo DB.Currently the app can be accessed by anyone that is every method in Portfolio controller and customer controller. Now I want that Portfolio controller should only be accessed by sign in user. How can I do that. I tried using active_admin but was unsuccessful.
You're looking for User Authentication. Try any authentication plugin like Devise or Clearance to sign in and distinguish individual users (more options here) or, even better at first, try building your own authentication solution alongside some of these excellent RailsCasts on User authentication (the paid episodes are totally worth it!). You'll learn how the different moving parts fit together real quick.
You might also want to consider using the Sorcery (https://github.com/NoamB/sorcery) gem as another option. It has links to the railscasts on the github repo there which helped a lot, and myself as a beginner found the wiki to be incredibly in-depth. Super easy to use.
I've read multiple blogposts and watched the railscasts episodes to APIs. But I still got one problem, I'd like to use the API in a way Facebook or twitter does. It should be possible to register an API client. The client should become an id and an secret (should be the same like username or password, right?).
Somehow I think devise could do everything for me but I'm not sure cause I'm kinda new to rails.
Is there a best practice or is the devise solution a good and common one?
Thank you guys! <3
You should use the Doorkeeper gem. Here is a demo app using rails, devise and mongoid.
Booth that services use OAuth so if you want to implement similar functionality you can use this technology also.
I am currently creating a rails application that requires authentication. Currently, I'm doing custom authentication like that shown in in the following railscast episode:
http://railscasts.com/episodes/250-authentication-from-scratch-revised
I would, however, like to add the option to also Log-in through facebook. After doing some research, I found that the easiest way to add Facebook login involves using Devise/Omniauth for authentication. Would it be worth it to try and switch my authentication system to Devise/Omniauth, or is there an easier way to add facebook authentication? I have also looked at the Facebooker plugin, but it seems very outdated. Any suggestions? I am relatively new to Rails, so I appreciate any help I can get!
I've used Authlogic and Devise in conjunction with Omniauth (+ facebook/google/twitter/etc). I found that Devise is the better solution for me with all it's built in functionality. Getting it to work with Omniauth was a breeze. There's a great Railscast here: http://railscasts.com/episodes/235-devise-and-omniauth-revised
I would definitely recommend going that route. Every piece of the pie is updated often and has great documentation so it should be easy to use for people still learning Rails.
Facebook authentication with Devise/Omniauth is mature, widely used, and well-documented. It would make sense to go with that.
Hey, i need some help with rails, again! Last it was about Authlogic.. Well I'm gone a bit backward since.. I mean, Authlogic isn't a Authentcate system i like.. So now i wan't you guys to tell me what you think is the best!
I going to use it to a project of mine. Where there has to be a few roles like Admin, User and Guest.. So might you guys can tell me what is good and what is bad..?
You need to split authentication from authorization.
Authentication covers the login/logout process. Authorization is directly linked to permission to see/use resources.
Authlogic is a very good authentication gem.
For authorization you can check CanCan from Ryan Bates, which is very simple to integrate with authlogic (just a single file in the models folder called ability.rb in which you configure all the app authorizations).
EDIT: You can also go with a simpler solution but you will lose flexibility
I used Devise and it worked quite well, however it did not met my needs...
What you might need however looks like something super simple, something like this: http://railscasts.com/episodes/21-super-simple-authentication
I use Authlogic for authentication and DocSavage's Rails Authorisation plug-in for authorisation needs. Its a simple yet powerful plug-in.
Rails authorisation plug-in: http://github.com/DocSavage/rails-authorization-plugin