I've implemented twitter authentication in my rails app, on my local dev box. However I'm not able to get the application to log off. Isn't it enough to clear these two cookies?
remember-token and -twitterauth-session?
I'm not familiar with the specifics of Twitter authentication but generally you should invoke the reset_session method in your controller.
Related
I'm building an iOS app with Rails on the back-end.
The Rails application uses Devise for authentication and I want to use the same service for the authentication on the iOS app. Is there any way that after authenticating, keeping the session even after the app restarts, so that it goes straight to the content of the app instead of the login screen?
I've looked around, but haven't found a clear answer.
Thanks on advance!
One solution could be to extend the existing devise models and controllers to also handle a token based authentication system. Based on the request type html or json, the app can choose to authenticate a user either by the authentication token and email or a combination of username/email and password.
The authentication token could could be saved on the client side and reset only when the user logs out.
I was recently working on the same problem and found these sources to be extremely useful.
https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
http://www.soryy.com/blog/2014/apis-with-devise/
https://github.com/lynndylanhurley/devise_token_auth
I am developing a web application with ruby on rails. I am trying to link the authentification page of my webapp to a Central Authentication Service (CAS).
So, whenever someone tries to start my webapp , my app should :
Check if the user is already connected to the CAS
1/ if he is already connected, the app will start and he can use its services normally
2/ if the user is not connected to the app, a login page will be displayed, where he has to type his password and login. These password and login will be tested on the CAS, and according to the result of the test will be allowed to start the webapp or not.
This seems a bit complicated to implement. I need help because i am new to ruby on rails.
thanks in advance
use the devise gem,
here is a railscast to show you how railscast example
and here is the gem link
here is a CAS specific gem for devise
hope that helps
I am trying to implement a facebook user authentication in my iOS6 App through my Rails Backend running with Devise using omniauth. I am looking for a step by step guide how to setup my API and Devise + Authentication.
I only have a only have a rough knowledge about how to do that.
(on App) check if the user signs in on his facebook on iPhone
iPhone is authenticated client sided on Facebook. FB passes me his mobile auth token
I send my auth token or auth hash to my rails backend via API RESTful SSL.
Rails receives the Token and checks if it is valid. ( What command uses the least traffic against FB Graph API? with Koala Gem)
If valid. Check if the user already exists. If not, create a new user.
Create a new session.
Is this correct?
Are there any good examples?
Thank you very much.
I'm not familiar with the iPhone piece, but your approach after that is generally accurate. The only exception is that you would typically use provider + uid to find or create a user, rather than a token. That might be what you meant by your #5, but it wasn't clear to me.
Beyond that, there is a good (paid) Railscast on the subject of Omniauth + Devise, which would probably be worth the price for you:
http://railscasts.com/episodes/235-devise-and-omniauth-revised
It covers how you can receive and handle the auth hash, and it gives you a nice starting point for what your methods will look like.
if you don't access to pro episodes i have some links to help.
http://jessewolgamott.com/blog/2012/01/19/the-one-with-a-json-api-login-using-devise/
you can also look into it
http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
Nice and easy to code
http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/
I hope these will work for you :)
http://www.orhancanceylan.com/rails-twitter-and-facebook-authentications-with-omniauth-and-devise/
I have created a simple API for a Rails application using token-based-authentication that supports User Log In and Log Out and a couple of other actions to update a User's status. I want this API to be used by devices running iOS. I have based my code on the example found here. In addition to allowing a device to login and update a User's status I would like new users to be able to Sign Up from the device. However looking at Devise's helper class I can't see any methods that support Sign Up, only Log In and Log Out.
Has anyone managed to implement Sign Up through an API? Are there any security issues with allowing this? How should I approach this?
Sign up from an iOS device is really just a (JSON?) POST to the User resource using a different format responder.
This data is passed in the clear from an iOS device, so make sure you use https on these routes if you're worried about security.
I am currently using Devise+Omniauth on my Rails 3 app to authenticate users. My client saw this and doesn't like how omniauth redirects you away from the site. He wants something like on digg.com, which I believe uses facebook connect to authenticate (and opens in a popup instead of redirecting).
What are some arguements for my client to keep him using the Omniauth method? Why is it better than Facebook connect.
And failing that, are there any good resources for logging users in with a facebook connect popup window? Or really anything involving facebook and a popup.
Thanks!
OmniAuth supports login via the Facebook Javascript SDK, which works through a popup. You just need to include the right files. I don't remember all the details, but this should help:
https://github.com/intridea/omniauth/issues/120