OAuth in Rails - google, twitter, facebook, connect for login like stackoverflow login_问答_开发者

OAuth in Rails - google, twitter, facebook, connect for login like stackoverflow login

开发者 https://www.devze.com 2022-12-25 05:08 出处：网络

Rails has the rest autho plugin which works well but is there a solution for incorporating 开发者_如何学JAVAtwitter, facebook, google, yahoo, etc...

Seems like each on has its own plugin and demands and mixing them is going to be a mess.

This is for logging in users like how Stackoverflow gets things done not for using the robust features of the APIs.

What I want to do is do what stackoverflow did for login but in rails.

I would definitely vote for OmniAuth :

https://github.com/intridea/omniauth

Here are some resources to get You started :

http://blog.railsrumble.com/blog/2010/10/08/intridea-omniauth

http://railscasts.com/episodes/235-omniauth-part-1

http://railscasts.com/episodes/236-omniauth-part-2

It's not too difficult to write your own controller code to connect to each of these services and redirect. For example, to authenticate to twitter using oauth takes two actions and about 20 lines of code total.

Keep the code for each service separate in it's own controller.

def twitter_oauth
  o = Twitter::OAuth.new(your_twitter_consumer_token, your_twitter_consumer_secret, :authorize_path => '/oauth/authenticate', :sign_in => true)
  o.set_callback_url(twitter_cb_url)
  session[:twitter_oauth_request_token] = o.request_token.token
  session[:twitter_oauth_request_secret] = o.request_token.secret
  redirect_to o.request_token.authorize_url
end

def twitter_oauth_cb
  o = Twitter::OAuth.new(your_twitter_consumer_token, your_twitter_consumer_secret, :authorize_path => '/oauth/authenticate', :sign_in => true)
  if params[:denied]
    redirect_to root_url
  elsif params[:oauth_verifier]
    o.authorize_from_request(session[:twitter_oauth_request_token], 
                             session[:twitter_oauth_request_secret],
                             params[:oauth_verifier])
    # look up this user in the db by o.access_token.token 
    # is the user not found? create them, save their token
    # log them in - UserSession.create(user, true)
    redirect_to root_url
  end
end

I made an implementation of this using authlogic, using the same JQuery OpenID Selector plugin that StackOverflow is using. Works with Google, Yahoo, Facebook, etc. I've been using it for about 3 months and it works quite well. Still a few kinks to workout, it also supports auto-registration.

I'd like to add twitter to future versions and am hoping others will help add some features/bug fixes. ;-) Check it out.

In action:

http://big-glow-mama.heroku.com/

Code:

http://github.com/holden/authlogic_openid_selector_example

If you got a budget for it, you can check out RPX: https://rpxnow.com/.

If you want a more feature complete solution and want to implement traditional signup method as well as , then you can use devise gem which already has support for omniauth.

You can follow following tutorial on railscast

http://railscasts.com/episodes/235-devise-and-omniauth-revised

I hope it'll help somebody!