Is there a rails plugin which can handle authentication with facebook, twitter and openID providers (ex. google, yahoo...)
I would recommend Devise. It is a very active project that is maintained by José Valim who is a contributor to Rails core. I've been using it for several months for authentication with both Facebook and Google (through openid) without any real problems.
authlogic with authlogic_oauth & authlogic_facebook_connect will cover all of those.
Related
I am writing a facebook app by using ruby and rails. I will need Facebook connect and login, share, and timeline integration (posting on user's behalf). Is there any tutorial/guide or gem that you recommend.
Thank you
Cheers
Koala is a gem that interacts with Facebook's Graph API and can handle Facebook OAuth as well.
Koala has some good examples on Github, but if you like Ryan Bates covers Koala and Facebook's Graph API in Railscasts Pro #361 and #363. Both are paid episodes.
Omniauth is a great gem for handling many different OAuth providers, including Facebook. Ryan Bates covers it in several episodes.
I can recommend 3 gems for facebook authentication and login. Implementing them would be quite complex. For basic authentication you can use devise, then for facebook login, you can integrate omniauth with the omniauth-facebook gem into devise:
https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
I'm currently using OAuth to authenticate people with their twitter (twitter gems) acount in my application. The problem is that for people who aren't connected or who have various accounts.
So that's my question, is that possible, to ask user their login/password to link their twitter account on my application ?
Thanks
It is no longer possible to connect to Twitter's API using Twitter credentials. Twitter's public stance on this is that you should -never- provide your Twitter credentials to anyone else, ever. This is part of their rationale for implementing OAuth.
Even if you had the user's Twitter password, you couldn't validate that it was actually their password, nor could you access their Twitter account with it through the Twitter API.
Your best bet would be to look into devise and omniauth. I've gotten it to work this way. Omniauth also allows to link to several accounts. Be it, Facebook, Twitter, etc.
I'm sure it's entirely possible to ask users for their Twitter login/password on your application. It's a very bad practice though, as OAuth avoids the need for client applications to ever touch a users credentials. I suggest setting up an authentication/authorization system that maintains a login/password and then allows connecting multiple OAuth accounts via an AuthenticationStrategy model or the like. Ryan Bates did a few Railscasts on the subject:
http://railscasts.com/episodes/235-omniauth-part-1
http://railscasts.com/episodes/236-omniauth-part-2
Is Devise a good option? Another extension? Roll my own as per OAuth in Rails - google, twitter, facebook, connect for login like stackoverflow login?
You can go with Devise in combination with Omniauth or use Omniauth on its own building your own authentication. You need to decide whether you want local+remote sign-up or remote sign-up only. I did both recently and wrote articles about it:
Devise + Omniauth: http://communityguides.heroku.com/articles/11
Omniauth, includes full code on Github: http://communityguides.heroku.com/articles/16
(Links updated 15.12.2012)
Edit: Regarding local sign-up - you might use myopenid as a replacement and send users over there if they do not have or do not want a Twitter/FB/Google account...
I highly recommend Devise (1.2 or newer) with OmniAuth. I have been successful in using that combination to enable single sign-on from a Rails application to GitHub, and it's fairly trivial to add support for additional providers.
https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview
I'm trying to add Google Apps authentication to my Rails (3) app using Devise (1.2.1). Thing is, I can't find anything that helpful on the interwebs other than the small mention in the devise wiki.
Question is, is this possible, and are there any examples out there I can check out?
Devise is to make your web application authenticate users. If you wanт users to login into your app with Google ID then look into OpenID. If you want to connect to Google services you need to implement Oauth client
Using the current rails 2
I want users to be able to create an account from:
traditional signup
twitter
facebook
and then allow them to link facebook and/or twitter and/or traditional signup later.
I read this http://www.themomorohoax.com/2009/02/21/rails-2-3-authentication-comparison
and decided to check out:
Authlogic
Restful Authentication
Devise/Warden
It seems for at least some of the plugins you can use with them that making OAuth work with them will make them incompatible with any other login system.
Will I need to roll my own from the ground up, or can I glue together some existing pieces?
You can glue together existing pieces.
I wouldn't advise for Restful Authentication. It's getting old and isn't maintained anymore.
If you plan on using Authlogic, you can take a look at those two gems :
authlogic oauth for any oauth service (including twitter)
authlogic facebook connect
If you plan on using Devise, you can take a look at those two gems :
warden oauth for any oauth service (including twitter)
device facebook connectable