Reputation: 5020
I want my Rails application to act as an OAuth2 provider.
I am relatively new to Ruby development, however it seems to me that developing OAuth2 in Ruby in simple.
I saw many OAuth2 liberary in the web, but don't know how to implement in Rails project.
Please help me.
Upvotes: 2
Views: 445
Reputation: 3568
It would help if you could be more specific about what you are trying to achieve. I assume you want to authorise users using Oauth2 using Google or Facebook for example
I can recommend the Devise gem.
https://github.com/plataformatec/devise
which can be used to authorise through many providers such as facebook
https://github.com/mkdynamic/omniauth-facebook
or Google
https://github.com/zquestz/omniauth-google-oauth2
UPDATE
Instructions for facebook auth
Add the Gem to your Gemfile
gem 'devise'
and from the command line run:
bundle install
then run the following commands
rails generate devise:install
rails generate devise user
rake db:migrate
where user is the model you are going to store user information in
You will need to add a few fields to your model
rails generate migration add_columns_to_user email:string provider:string
rake db:migrate
Then create a facebook app as you will need the App ID and secret key to authorise users
I add this to config/initializers/constants.rb
APPID = 'YOUR_APP_ID'
FBKEY = 'YOUR_FB_KEY'
add the following code to config/initializers/devise.rb
require 'devise/orm/active_record'
require "omniauth-facebook"
config.omniauth :facebook, APPID, FBKEY
add the following code to the bottom of config/routes.rb
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
Ensure the devise has not added another devise_for route, delete if there is already a route present in routes.rb and add the code above
add the following code to your app/models/user.rb file
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable,
:omniauthable
# Setup accessible (or protected) attributes for your model
attr_accessible :email, :provider, :uid, :email, :password, :password_confirmation, :remember_me
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
user = User.where(:provider => auth.provider, :uid => auth.uid).first
unless user
user = User.create( provider:auth.provider,
uid:auth.uid,
email:auth.info.email,
password:Devise.friendly_token[0,20]
)
end
user
end
in app/controllers add a directory called users
mkdir users
then add a file omniauth_callbacks_controller.rb with the following code to users dir
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def facebook
# You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
if @user.persisted?
flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
sign_in_and_redirect @user, :event => :authentication
else
session["devise.facebook_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
add the following code to your view
<% if current_user%>
<%= current_user.email %>
<%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% else %>
<%= link_to "Sign in with Facebook", user_omniauth_authorize_path(:facebook) %>
<% end%>
Upvotes: 2