Reputation: 3361
Rails and Omniauth - How much data from the authentication hash should I be saving?
I am currently using rails and the omniauth gem to integrate my application with facebook, twitter and linkedin. When I process an omniauth callback I simply save uid and provider from the authentication hash. Most tutorials online only save these fields as well but how would you be able to access the users details from facebook/twitter/linkedin later on? What other fields from the authentication hash should be saved other than uid/provider?
Some guides I have read:
Upvotes: 3
Views: 654
Answers (2)
Reputation: 3361
Ended up saving the access token from facebook, polling the api if I needed info and then automatically refreshing the token every 2 hours.
Upvotes: 0
Reputation: 4315
In the Railscast there is an example before creating full-functional OmniauthCallbacksController , where the line :
raise request.env["omniauth.auth"].to_yaml
outputs the request on the screen . As you can see , in this hash ,omniauth.auth, there is a lot of useful information about the authenticated user . It is received each time the authentication is OK . In this case there is no need to store anything else in your database except uid and provider .
The entries of the hash are accessible like this :
(request.env["omniauth.auth"]).info.nickname
or
(request.env["omniauth.auth"]).uid
You see the logic : every section of the yaml output (let's say `info') contains specific attributes .
Upvotes: 3
Related Questions
- Rails authentication strategy
- Custom strategy for Omniauth
- Using OmniAuth in Rails 5
- What mechanism do OmniAuth provide to ensure a secure login?
- How to store OAuth data
- what is the omniauth & email-password registration best practice?
- omniauth-identity auth_key
- What to do with access token(from the Auth Hash) in Omniauth?
- When authenticating with Omniauth, what data should I store in the cookie?
- Help with Omniauth and adding records