Skip to content

Instantly share code, notes, and snippets.

@biglovisa

biglovisa/oauth-example.md

Last active Jul 13, 2020
Embed
What would you like to do?
OAuth Example using the omniauth-github gem

Implement OAuth in your Rails application:

  1. Create an app on github (make sure the callback url is http://localhost:3000/auth/github/callback)

  2. Add an initializer, config/initializers/omniauth.rb

  Rails.application.config.middleware.use OmniAuth::Builder do
    provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET']
  end
  1. Add key and secret. Make sure that you can access the keys in the rails console like this:

    • ENV["GITHUB_SECRET"]
    • ENV["GITHUB_KEY"]
  2. Change login link in home.html.erb to “/auth/github”

  3. Create callback route: routes.rb, get '/auth/:provider/callback', to: 'sessions#create'

  4. Create a sessions controller

    • add a #create action in the sessions controller
    def create
      @user = User.find_or_create_from_auth(request.env['omniauth.auth'])
      if @user
        session[:user_id] = @user.id
        redirect_to dashboard_path
      else
        redirect_to root_path
      end
    end
  5. Create user model: nickname, email, provider, token, uid, image_url, token

  6. In the user model, build the class method #find_or_create_from_auth that we referenced in sessions#create

  def self.find_or_create_by_auth(auth)
    user = User.find_or_create_by(provider: auth['provider'], uid: auth['uid'])

    user.nickname = auth['info']['nickname']
    user.name = auth['info']['name']
    user.email = auth['info']['email']
    user.image_url = auth['info']['image']
    user.token = auth['credentials']['token']

    user.save
    user
  end
  1. Create current user method in application controller
	  helper_method :current_user
	
	  def current_user
	    @current_user ||= User.find(session[:user_id]) if session[:user_id]
	  end
	
	  def authorize!
	    redirect_to root_path unless current_user
	  end
  1. Add destroy action in sessions controller

  2. routes.rb: “delete '/logout', to: 'sessions#destroy'”

@goldenhub77

This comment has been minimized.

Copy link

@goldenhub77 goldenhub77 commented May 19, 2017

FYI the ENV keys need to be changed to GITHUB_CLIENT_ID & GITHUB_CLIENT_SECRET to work with githubs current configuration.

@jedrekdomanski

This comment has been minimized.

Copy link

@jedrekdomanski jedrekdomanski commented Oct 24, 2017

Does this work for you? I have done it in the exact same way as you and as the documentation says but when I go to /auth/github I get 404 page not found error message from Github. Any idea why?

@jedrekdomanski

This comment has been minimized.

Copy link

@jedrekdomanski jedrekdomanski commented Oct 24, 2017

Nevermind, it appears that I had to wait like half a day for GitHub to start authorizing and responding to my requests after I registered a new app

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.