How to use Oauth in ROR

I hate signing up for websites. I’ve already signed up for so many, using different usernames, that going back to one of them and trying to remember my credentials is sometimes impossible. These days, most sites have begun offering alternative ways to sign up, by allowing you to use your Facebook, Twitter or even your Google account. Creating such an integration sometimes feels like a long task. But fear not, Oauth is here to help.

In this tutorial, i’m going to explain how to integrate these authentication providers into your Rails app. Here i use “omniauth” gem. Because Omniauth allows you to easily integrate more than sixty authentication providers, including Facebook, Google, Twitter and GitHub.

Step 1: Preparing your Appllication

Let’s create a new Rails application and add the necessary gems. I’m going to assume you’ve already installed Ruby on Rails 4.0 or latest using RubyGems.

Run this command in your terminal

rails new omniauth-tutorial

Now open your Gemfile and reference the omniauth gem.

gem 'omniauth'

Next, per usual, run the bundle install command to install the gem.

Step 2: Creating a Provider

In order to add a provider to Omniauth, you will need to sign up as a developer on the provider’s site. Once you’ve signed up, you’ll be given two strings (sort of like a username and a password), that needs to be passed on to Omniauth.

Step 3: Add your Providers to the App

Create a new file under config/initializers called omniauth.rb. We’re going to configure our authentication providers through this file.

Paste the following code into the file we created earlier

Rails.application.config.middleware.use OmniAuth::Builder do
 		provider << provider >>,
    Rails.configuration.<< provider >>_client_id,
	Rails.configuration.<< provider >>_secret_key ,
    << options >>
end

For example use the google provider then use the following

Rails.application.config.middleware.use OmniAuth::Builder do
 		provider :google_oauth2,
	Rails.configuration.google_client_id,
	Rails.configuration.google_secret_key , { :scope =>
	"userinfo.profile, userinfo.email, devstorage.full_control,
	compute", :prompt => 'consent'}
end

####Step 4: Creating the Login Page

Let’s create our sessions controller. Run the following code in your terminal to create a new sessions controller.

rails generate controller sessions

And add some actions in your controller. Next, open your config/routes.rb file and add this

get   '/login', :to => 'sessions#new', :as => :login
match '/auth/:provider/callback', :to => 'sessions#create'

Let’s break this down:

The first line is used to create a simple login form where the user will see a simple Connect with Provider link. The second line is to catch the provider’s callback. After a user authorizes your app, the provider redirects the user to this url, so we can make use of their data.

Open your app/controllers/sessions_controller.rb file and write the create method, like so

def create
  auth_hash = request.env['omniauth.auth']
  render :text => auth_hash.inspect
end

This is used to make sure everything is working. Point your browser to localhost:3000/auth/provider and you’ll be redirected to provider page so you can authorize your app. Authorize it, and you will be redirected back to your app and see a hash with some information.

####Step 5: Creating the User Model

In the Rails console (rails console), create the new model.

rails generate model User name:string email:string

For now, our user model will only have a name and an email. With that out of the way, we need a way to recognize the user the next time they log in.

####Step 6: Adding create action on controller

Let’s add some code to our sessions controller so that it logs a user in or signs them up, depending on the case. Open app/controllers/sessions_controller.rb and modify the create method, like so:

def create
 	 auth_hash = request.env['omniauth.auth']
 	 user_identity = User.find_by_email(auth_hash["info"] ["email"])
 	if user_identity
   render :text => "Welcome back #{user_identity.user.name}! You have already signed up."
 	else
   user = User.new :name => auth_hash["info"]["name"], :email => auth_hash["info"]["email"]
   user.save
   render :text => "Hi #{user.name}! You've signed up."
 	end
end

We check whether an authorization exists for that provider and that email. If one exists, we welcome our user back.

If no authorization exists, we sign the user up. We create a new user with the name and email that the provider gives us, and we associate an authorization with the provider. Give it a test! Go to localhost:3000/auth/provider and you should see “You’ve signed up”. If you refresh the page, you should now see “Welcome back”.

####Step 7: Create html

Open app/views/sessions/new.html.erb and add

<%= link_to "Connect", "/auth/<< provider >>" %>
About the Author

VirtEngine by DET.io

VirtEngine by DET.io
VirtEngine specializes in building Virtualization Software and powering Cloud Service Providers / Hosting Providers..
Follow @VirtEngine
Read More

Meet VirtEngine at HostingCon India 2016!

Virtualization platform VirtEngine will be exhibiting in HostingCon India 2016! Continue reading

Installing VirtEngine on CentOS

Published on October 18, 2016

Cassandra Replication - HA

Published on July 14, 2016