I work on a lot of ruby on rails web applications. Usally, to get the ball rolling, we start with just a regular email and password authentication system using devise. This is a great way to get started since it is well supported, familiar, and allows us to conveniently create and log in with various test accounts.
However, in 2015, nearly every web application will need to have authentication via some OAuth21 service. Several large networks allow this - Google, Facebook, GitHub, Twitter, and LinkedIn are the most popular, though there are strong arguments that developers really should support systems like OpenID as well. Thankfully, getting authentication going from a variety of OAuth providers is pretty easy with Devise and Omniauth. However, there are a few gotchas.
Initial Setup of Omniauth-Facebook
Assuming you already have Devise installed and set up, you’ll need to add the omniauth gem to your gemfile, and a gem for one of the omniauth authentication providers. For this example, we’ll use omniauth-facebook.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
With this, you’re almost done. You have the user’s browser sending requests to Facebook’s servers, receiving authorization, and then returning the bits of information you need to log the user in. All you need to do is get that authentication information onto your server - which is pretty standard Omniauth.
This post will be updated once this process is complete.