I've read multiple blogposts and watched the railscasts episodes to APIs. But I still got one problem, I'd like to use the API in a way Facebook or twitter does. It should be possible to register an API client. The client should become an id and an secret (should be the same like username or password, right?).
Somehow I think devise could do everything for me but I'm not sure cause I'm kinda new to rails.
Is there a best practice or is the devise solution a good and common one?
Thank you guys! <3
You should use the Doorkeeper gem. Here is a demo app using rails, devise and mongoid.
Booth that services use OAuth so if you want to implement similar functionality you can use this technology also.
Related
I am currently creating a rails application that requires authentication. Currently, I'm doing custom authentication like that shown in in the following railscast episode:
http://railscasts.com/episodes/250-authentication-from-scratch-revised
I would, however, like to add the option to also Log-in through facebook. After doing some research, I found that the easiest way to add Facebook login involves using Devise/Omniauth for authentication. Would it be worth it to try and switch my authentication system to Devise/Omniauth, or is there an easier way to add facebook authentication? I have also looked at the Facebooker plugin, but it seems very outdated. Any suggestions? I am relatively new to Rails, so I appreciate any help I can get!
I've used Authlogic and Devise in conjunction with Omniauth (+ facebook/google/twitter/etc). I found that Devise is the better solution for me with all it's built in functionality. Getting it to work with Omniauth was a breeze. There's a great Railscast here: http://railscasts.com/episodes/235-devise-and-omniauth-revised
I would definitely recommend going that route. Every piece of the pie is updated often and has great documentation so it should be easy to use for people still learning Rails.
Facebook authentication with Devise/Omniauth is mature, widely used, and well-documented. It would make sense to go with that.
I'm trying to build a very simple Rails app where people can log in and then see a list of their Run Keeper Fitness Activities
I opted to use Devise and OmniAuth to handle the logins (complete with omniauth-runkeeper). All was working well, having followed Ryan Bates brilliant Railscast on the topic.
I was then keen to use the HealthGraph gem to connect to the RunKeeper API. To do so, it needs an access token. I opted to pull this at point of authorising the app, and record it in the user model (as outlined in this Gist) but I'm not sure this approach is quite right. Should I be recording this access token permanently in the database? I can easily create a new connection through the API now by using the following, but I'm concerned that this isn't the securest approach.
#user = HealthGraph::User.new(current_user.run_token)
Any advice or tips on a different approach would be greatly appreciated.
Ian
Apologies in advance for a rather non-specific question:
I am looking for some guidance on how 'best' to get a Rails app to talk to FB/Twitter etc and I see that there are options like Koala (https://github.com/arsduo/koala) for FB (and others for Twitter and so on.)
But then, there's also OmniAuth - which is for Authentication - but again for FB/Twitter/LinkedIn etc.
So how do the pieces of this puzzle fit together - do I need to use both OmniAuth and Koala for example if my Rails app needs to integrate with FB? Do I need just one? Is there something one uses OmniAuth for first and then Koala for the rest? A few sentences about the lay of the land here would really help me understand what each does and how they fit together.
Thanks!
Omniauth is simply an authentication library. It doesn't actually interface with the rest of the Facebook/Twitter/LinkedIn API. The only thing you do with it is bypass custom user profiles in favor of "Log In With Facebook".
Koala and other libraries similar to that are just rails-specific API interfaces. You can use them within your app to do deep integration into their Facebook or Twitter profile.
I'm looking for a plugin or a helper to help me with building a Twitter Rails app, stuff like signing in with Twitter, listing the users followers, etc. What is the best one out there?
Try using http://twitter.rubyforge.org/ I find it to be the one with the best documentation.
If you want to do more than simple API calls and go for user authentication as well look into
using devise with twitter https://github.com/MSch/devise-twitter
Railscasts has covered this in several episodes:
http://railscasts.com/episodes?utf8=%E2%9C%93&search=twitter
You can use
omniauth which can also cover services like github and facebook (if you feel like expanding)
https://github.com/intridea/omniauth
with the twitter strategy
omniauth-twitter (can't post link because of not enough rep, google it yo)
there are some railscasts that look over how you can integrate the two and this nettuts article which will give you an overall description of omniauth & providers
http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
My authentication system will be at the heart of my application and the revenue model for my business. I want a strong, but yet simple authentication option for Rails.
What are your suggestions?
You have many different authentification options for Rails.
I personaly prefer Devise, it's really complete, with a lot of features and simple to use.
You can have a look at a Railscast :
http://railscasts.com/episodes/209-introducing-devise
Use facebook for websites to authenticate use. There is one one gem which lets you use facebook auth via devise (devise_facebook_connectable)
https://github.com/grimen/devise_facebook_connectable