How to setup local development environment for Rails when using Devise Omniauth with GitHub?

Question

I am in the process of replacing Devise Database Authenticatable with Devise Omniauthable and using the GitHub OAuth strategy. I'd like the GitHub OAuth sign in option to be the only one available.

I successfully got all this working on my local development environment. The problem I'm facing is to continue developing additional functionality on my local development environment after the OAuth functionality is launched on the production site. At that point I'd have to change the Authorization callback URL setting from the current http://localhost:5300/users/auth/github/callback to the actual url to the registered GitHub application.

Obviously, at that point the GitHub OAuth on my local machine will stop working.

I searched everywhere to see how this could be solved but no luck.

Answer 1

I've handled this in the past by creating two apps with the OAuth service. One is a production app that redirects back to my production domain and the other is an app that redirects back to my development environment. You can add a third app for a staging environment, later when you start using one.

Then I use environment variables from the app_key and app_secret_key within my own app, so in a development environment I'm authenticating against the development GitHub app and in production I'm authenticating against the production GitHub app.

With specified endpoints, this is the only solution I've found that worked. If you can provide redirect endpoints with the authentication request, then you can get away with a single app, but this is generally insecure and not a common feature at this point.