Cyber

Reputation: 5020

How to implement OAuth2 in Ruby?

I want my Rails application to act as an OAuth2 provider.

I am relatively new to Ruby development; however, it seems to me that developing OAuth2 in Ruby is simple.

I saw many OAuth2 libraries on the web, but I don't know how to implement one in a Rails project.

Please help me.

Upvotes: 2

Views: 445

Answers (1)

Purple Hexagon

Reputation: 3568

It would help if you could be more specific about what you are trying to achieve. I assume you want to authorise users with OAuth2 through Google or Facebook, for example.

I can recommend the Devise gem.

https://github.com/plataformatec/devise

which can be used to authorise through many providers, such as Facebook

https://github.com/mkdynamic/omniauth-facebook

or Google

https://github.com/zquestz/omniauth-google-oauth2

UPDATE

Instructions for Facebook auth

Add the Gem to your Gemfile

gem 'devise'
gem 'omniauth-facebook' # required by config/initializers/devise.rb

and from the command line run:

bundle install

then run the following commands

rails generate devise:install

rails generate devise user

rake db:migrate

where user is the model you are going to store user information in

You will need to add a few fields to your model

# email is already created by the devise generator; uid is needed by the model lookup
rails generate migration add_columns_to_user provider:string uid:string
rake db:migrate

Then create a Facebook app, as you will need the App ID and secret key to authorise users

I add this to config/initializers/constants.rb

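# Placeholder values; keep the real App ID and secret out of version control (e.g. read them from ENV)
APPID = 'YOUR_APP_ID'
FBKEY = 'YOUR_FB_KEY'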

add the following code to config/initializers/devise.rb

# These lines go inside the existing Devise.setup do |config| ... end block
require 'devise/orm/active_record'
require "omniauth-facebook"
config.omniauth :facebook, APPID, FBKEY

add the following code to the bottom of config/routes.rb

devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }

Ensure that Devise has not added another devise_for route; if there is already a route present in routes.rb, delete it and add the code above

add the following code to your app/models/user.rb file

devise :database_authenticatable, :registerable,
       :recoverable, :rememberable, :trackable, :validatable,
       :omniauthable

# Setup accessible (or protected) attributes for your model
attr_accessible :email, :provider, :uid, :password, :password_confirmation, :remember_me

# Look the user up by the provider's (provider, uid) pair; create the record on first login
def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
  user = User.where(:provider => auth.provider, :uid => auth.uid).first
  unless user
    # If validation fails, the record is not persisted and the
    # callback controller redirects to the registration page
    user = User.create(provider: auth.provider,
                       uid:      auth.uid,
                       email:    auth.info.email,
                       password: Devise.friendly_token[0,20])
  end
  user
end

in app/controllers add a directory called users

mkdir users

then add a file omniauth_callbacks_controller.rb with the following code to users dir

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)

    if @user.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
      sign_in_and_redirect @user, :event => :authentication
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end

add the following code to your view

<% if current_user %>
  <%= current_user.email %>
  <%= link_to('Logout', destroy_user_session_path, :method => :delete) %>
<% else %>
  <%= link_to "Sign in with Facebook", user_omniauth_authorize_path(:facebook) %>
<% end %>

Upvotes: 2
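
The lookup in find_for_facebook_oauth above, modelled in plain Ruby as an added example (not code from the answer or from Devise): it shows why the record is keyed on the provider/uid pair and what happens when the provider returns no email or one that is already in use. UserStore, the in-memory table and the sample payloads are constructed assumptions standing in for the Rails model and request.env["omniauth.auth"].

```ruby
require 'securerandom'

# Stand-in for the Devise-backed users table (assumption: in-memory, no Rails).
User = Struct.new(:provider, :uid, :email, :password)

class UserStore
  def initialize
    @rows = []
  end

  def count
    @rows.size
  end

  # Same shape as find_for_facebook_oauth: the lookup key is the provider's
  # stable (provider, uid) pair, never the email address, which the provider
  # may omit and the account owner may change.
  def find_or_create_from_oauth(auth)
    provider = auth.fetch(:provider).to_s
    uid      = auth.fetch(:uid).to_s
    return nil if provider.empty? || uid.empty?

    existing = @rows.find { |u| u.provider == provider && u.uid == uid }
    return existing if existing

    email = auth.dig(:info, :email).to_s.strip.downcase
    # Devise's :validatable requires a present, unique email; a failed create
    # leaves the record unsaved. Modelled here by returning nil, so the caller
    # sends the visitor to the registration form instead of signing them in.
    return nil if email.empty? || @rows.any? { |u| u.email == email }

    user = User.new(provider, uid, email, SecureRandom.urlsafe_base64(15)[0, 20])
    @rows << user
    user
  end
end

# Constructed sample payloads in the shape of request.env["omniauth.auth"].
FIRST_LOGIN  = { provider: 'facebook', uid: '1001', info: { email: 'Ann@Example.test' } }
EMAIL_CHANGE = { provider: 'facebook', uid: '1001', info: { email: 'ann.new@example.test' } }
NO_EMAIL     = { provider: 'facebook', uid: '1002', info: {} }
SAME_EMAIL   = { provider: 'facebook', uid: '1003', info: { email: 'ann@example.test' } }

demo = UserStore.new
[FIRST_LOGIN, EMAIL_CHANGE, NO_EMAIL, SAME_EMAIL].each do |auth|
  user = demo.find_or_create_from_oauth(auth)
  outcome = user ? "signed in as #{user.email}" : 'sent to registration form'
  puts "uid=#{auth[:uid]} -> #{outcome}"
end
```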
