I am not using devise or some other like-gem. I am very new to RoR.
Here is my routes.rb
# For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
Rails.application.routes.draw do
get "about", to: "about#index"
get "password", to: "passwords#edit", as: :edit_password
patch "password", to: "passwords#update"
get "password/reset", to: "password_resets#new"
post "password/reset", to: "password_resets#create"
get "password/reset/edit", to: "password_resets#edit"
patch "password/reset/edit", to: "password_resets#update"
get '/auth/:provider/callback', to: 'sessions#create'
get "sign_up", to: "registrations#new"
post "sign_up", to: "registrations#create"
get "sign_in", to: "sessions#new"
post "sign_in", to: "sessions#create"
delete "logout", to: "sessions#destroy"
root to: "main#index"
end
Here is user.rb
# email:string
# password_digest:string
#
# password:string virtual
# password_confirmation:string virtual
class User < ApplicationRecord
has_secure_password
validates :email, presence: true, format: { with: /\A[^@\s]+@[^@\s]+\z/, message: "must be a valid email address" }
end
here is my omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter,Rails.application.credentials.dig(:twitter,:api_key), Rails.application.credentials.dig(:twitter,:api_key)
end
I have made all the settings in my Twitter app. Please help.
I'm the author of the Ruby on Rails for Beginners course. 👋 I've updated the videos to reflect the changes.
Omniauth 2.0 was released which requires you to use POST requests now for security.
Now we'll add two gems:
bundle add omniauth-twitter omniauth-rails_csrf_protection
And make sure you've got api_secret
as the second argument in your omniauth.rb initializer:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter,Rails.application.credentials.dig(:twitter,:api_key), Rails.application.credentials.dig(:twitter,:api_secret)
end
Then you can redirect to twitter by adding method: :post
to your link_to
or button_to
link_to "Connect Twitter", "/auth/twitter", method: :post, class: "btn btn-primary"
button_to "Connect Twitter", "/auth/twitter", method: :post, class: "btn btn-primary"
This works with both Project and Standalone Twitter apps so you can use either one. 👍
At this point in time, the Twitter API started rolling in their v2 version of their API. The tutorial makes use of v1.1 so please make sure to use that one instead in the meantime. To do so, create a Standalone App instead:
After adding the API keys to the Rails credentials and adding the http://localhost:3000/auth/twitter/callback
to the Callbacks URL config in the Twitter developer portal, add the following extra lines to omniauth.rb
, these will re-enable get requests to localhost:3000/auth/twitter
and remove the security warning from the console:
# Required to allow get requests, which enables a security flaw but that's how the tutorial is set up.
OmniAuth.config.allowed_request_methods = [:post, :get]
OmniAuth.config.silence_get_warning = true
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter, Rails.application.credentials.dig(:twitter, :api_key), Rails.application.credentials.dig(:twitter, :api_secret)
end
Restart your Rails server and navigate to localhost:3000/auth/twitter
, this should redirect you to a url that looks similar to the following:
https://api.twitter.com/oauth/authenticate?oauth_token=xov0NQAAAAABMcOqAAABd3F1_T0
This URL will render an authorize screen if the Twitter account being used has not yet enabled the app:
Provided that your OmniauthCallbacksController
looks like this:
class OmniauthCallbacksController < ApplicationController
def twitter
render plain: "success"
end
end
Your app should redirect to /auth/twitter/callback
. The url will look something like http://localhost:3000/auth/twitter/callback?oauth_token=D4V2tAAAAAABMcOqAAABd3GFmgM&oauth_verifier=TSxCgaVsoQzY039l5DKQBJQiLKkaWBCA
and it should print success
on the page.
Hope this helps!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With