Fred
Reputation: 1031
Koala Rails Authentication
I have the following code:
application_controller.rb
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :current_user
def facebook_cookies
@facebook_cookies ||= Koala::Facebook::OAuth.new.get_user_info_from_cookie(cookies).symbolize_keys!
end
def current_user
begin
# allow for ?access_token=[TOKEN] for iOS calls.
@access_token = params[:access_token] || facebook_cookies[:access_token]
@graph = Koala::Facebook::API.new(@access_token)
# TODO: move this to session[:current_user]..
@current_user ||= User.from_graph @graph.get_object('me', { fields: 'id,first_name,last_name,gender,birthday' })
rescue
nil # not logged in
end
end
def authenticate
redirect_to(root_url) if current_user.nil?
end
end
(I have setup Koala as described here https://github.com/arsduo/koala/wiki/Koala-on-Rails)
I don't really want to introduce OmniAuth as what I am trying to do is fairly simple. The above code works, the problem is that it is calling Facebook for every page load = not good. I'm guessing I need to store session[:user_id] and then just call User.find(session[:user_id]) for each subsequent request after the user has authenticated?
Can anyone suggest the most efficient way of solving this so I'm not waiting for Facebook on each page load?
Upvotes: 1
Views: 1897
Answers (2)
tor2608
Reputation: 3
I have an implementation that is use for my facebook authentication and authorization. The code is seperated in non state changing methods and statechanging methods.
Feel free to use the code.
## checks if we have access to fb_info and it is not expired
## Non stagechanging
def oauth_is_online
return !(session[:fb_cookies].nil? or session[:fb_cookies]['issued_at'].to_i + session[:fb_cookies]['expires'].to_i < Time.now.to_i - 10)
end
## checks if the user is in the database
## Non stats changing
def oauth_is_in_database
return oauth_is_online && 0 < User.where(:fb_id => session[:fb_cookies]['user_id']).count
end
## Returns true if it is the specified user
## Non stagechanging
def oauth_is_user(user)
return oauth_is_online && session[:fb_cookies]['user_id'] == user.fb_id
end
## Requires the user to be online. If not, hell breaks loose.
def oauth_require_online
if !oauth_ensure_online
render :file => "public/401.html", :status => :unauthorized, :layout => false
return false
end
return session[:fb_cookies]
end
## Requires the user to be online and the correct user. If not, hell breaks loose.
def oauth_require_user(user)
c = oauth_require_online
return false unless c
return c unless !oauth_is_user(user)
render :file => "public/403.html", :status => :unauthorized, :layout => false
return false
end
## Ensures that the user is online
def oauth_ensure_online
begin
# Checks if the user can be verified af online
if !oauth_is_in_database
# the user is not online. Now make sure that they becomes online.
logger.info "Creates new FB Oauth cookies"
fb_cookies = Koala::Facebook::OAuth.new.get_user_info_from_cookie(cookies)
# TODO In the future the session should be reset at this point
# reset_session
session[:fb_cookies_reload] = false
session[:fb_cookies] = fb_cookies
logger.info "Updating user in database."
# Tries to load the user
@current_user = User.where(:fb_id => session[:fb_cookies]['user_id']).first
logger.info "User exists? => #{@current_user.nil?}"
# creating if not found
@current_user = User.new(:fb_id => session[:fb_cookies]['user_id']) unless !@current_user.nil?
# Loading graph
@fb_graph = Koala::Facebook::API.new(session[:fb_cookies]['access_token'])
# Loading info from graph
me = @fb_graph.get_object('me')
@current_user.name_first = me['first_name'].to_s
@current_user.name_last = me['last_name'].to_s
@current_user.email = me['email'].to_s
@current_user.fb_access_token = session[:fb_cookies]['access_token'].to_s
# Saving the updated user
@current_user.save!
return oauth_is_online
else
# the user is online. Load variables.
@current_user = User.where(:fb_id => session[:fb_cookies]['user_id']).first
@fb_graph = Koala::Facebook::API.new(@current_user.fb_access_token)
end
return oauth_is_online
rescue Koala::Facebook::OAuthTokenRequestError => oe
## TODO handle the diferent errors
# user is not online on facebook
# user have not authenticatet us
# token is used allready once.
logger.debug "FB koala OAuthTokenRequestError: #{oe}"
return false
end
end
Upvotes: 0
fuzzyalej
Reputation: 5973
You could try something like this:
class ApplicationController < ActionController::Base
protect_from_forgery
before_filter :current_user, if: Proc.new{ !current_user? }
def facebook_cookies
@facebook_cookies ||= Koala::Facebook::OAuth.new.get_user_info_from_cookie(cookies).symbolize_keys!
end
def current_user
begin
# allow for ?access_token=[TOKEN] for iOS calls.
@access_token = params[:access_token] || facebook_cookies[:access_token]
@graph = Koala::Facebook::API.new(@access_token)
# TODO: move this to session[:current_user]..
@current_user ||= User.from_graph @graph.get_object('me', { fields: 'id,first_name,last_name,gender,birthday' })
rescue
nil # not logged in
end
end
def authenticate
redirect_to(root_url) if current_user.nil?
end
def current_user?
!!@current_user
end
end
Upvotes: 4
Related Questions
- Facebook authentikation Koala::Facebook::AuthenticationError type: OAuthException, code: 190
- Rails Koala - Getting a undefined method `oauth_token=' for #<User:
- Koala::Facebook::AuthenticationError - type: OAuthException, code: 2500, message
- Rails 4 - Get Facebook cookies from Koala gem?
- Accessing facebook public data via koala
- Persistent server side Facebook authentication
- Setup simple facebook oauth using koala ruby gem
- How do I perform Facebook authentication in Rails?
- Handle permissions with koala signed request
- How to create Rails app users from Facebook login using Koala?