Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

what is the omniauth & email-password registration best practice?

Tags:

ruby

ruby-on-rails

devise

authlogic

omniauth

What is the best practice for combining Facebook login (let's say I'll use Omniauth gem) and email+password login?

I saw a few blogs, saw the Railscasts, I know everyone is using Devise gem with Omniauth. But I'm looking for some different perspective.

subquestions:

I'm considering creating email+password sign-up from scratch (not using any gem for this, lets keep it fast and light) so do you have any advice for this ? Or if you have particular gem in mind, please let it be fast.

And do you have any other recommendations for Oauth2 gems (alternative to Omniauth) handling authentication to Facebook ?

I'm sorry I'm asking this fundamental questions here, but I didn't found many answers (and most of them I found are based on Devise)

like image 495
equivalent8 Avatar asked Jan 19 '23 20:01

equivalent8

1 Answers

This is how I saw it's done in most examples on the web

auth_with_devise_and_ominauth

basicly when you signup with email+password, you are creating row directly to User model (not touching the Authent. model) and when signing up with Omniauth, than you are creating new authentication that communicates with User model.

And basicly on next login you are doing something like this :

 if (user.password == 'xxx')
    login
 elsif user.authentication.uid == 'xxx'
    login
 else
    'hello signup !'
 end

so you are swiching between 2 models, and raping (sorry for the term) the User model witch should hold only user info

The solution, in a way, I think is correct (from my experience and discussions with my colleagues but I'm still not 100% sure this is the right answer)

enter image description here

as you see even the user+password is going trough Authent. model, that means the site user+password is acting as a provider on its own

so to be absolutly correct it should be look like this enter image description here

  • scenario 1

signing up with FB: you save FB uid and authKey to authentication table, then create user

  • scenario 2

signing up with password: you create new row in AppPass table, then you create row in Authentication table (as a access to provider witch is actually your app) and than you create user

Why?

because now when user logs in, is always going trough Authent. model, not making condition between 2 models (the Authent. and the User model)

now can anyone please tell me, ...is this a good approach :D ?

like image 108
equivalent8 Avatar answered Jan 31 '23 11:01

equivalent8
Sign in to Comment

Related questions

What causes this dependency error in Rails 3?
Error when trying to run gem install
Functions in controller.js.coffee
How to index boolean column in thinking sphinx using Ruby 1.8.7
How do you use ActionDispatch::Routing::RouteSet recognize_path?
have a relative shebang line
RoR 3 - Finding a list of parents from group of children
Rails migration: primary key id with unsigned int(10)
Must have ruby gems for every rails project (2011 edition) [closed]
Rails 3 - A model with a one to one relationship to itself - do I need belongs_to
Rspec: Show a model's errors when it's not valid
PGError: ERROR: relation "delayed_jobs" does not exist (Postgresql, rails 3.04, delayed_job error)
i'm getting this error: uninitialized constant YAML::ENGINE (NameError)
Retrieving Google profile picture with Omniauth on Rails 3
Can bundler constrain a gem installation to a certain operating system?
ActiveAdmin Rails edit/delete
ruby on rails application wide method in helper vs. controller?
Making the move to Java Spring from Rails
Why don't people access database in Rspec?
Rails 3 Factories vs Simple Instantiation

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!