CSC/ECE 517 Spring 2015/ch1b 21 QW

Omniauth

Omniauth is a Ruby authentication framework aimed to integrated with various types of authentication providers. It can be hooked up to any system, from social network to enterprise systems to simple username and password authentication. <ref>https://github.com/intridea/omniauth/wiki</ref>

The topic writeup for this page can be found here.

Background

With web application booming, most users login hundreds of services every day and won't expect to create unique login and password for each service. So intridea recently releases a standard library to provide multi-provider authentication for web applications.

Rack Middleware

Sinatra

Getting Start

Each OmniAuth strategy is a Rack Middleware, which means it can be used the same way as other Rack middleware. Here we introduce some simple steps to illustrate how to use Twitter strategy for OmniAuth.<ref>https://github.com/intridea/omniauth</ref>

Add Gemfile

First start by adding this gem to your Gemfile:

gem 'omniauth-twitter'

If you need to use the latest HEAD version, you can do so with:

gem 'omniauth-twitter', :github => 'arunagw/omniauth-twitter'

Specify Multi-strategies

Because OmniAuth is built for multi-provider authentication, you need to run multiple strategies. For this, the built-in OmniAuth::Builder class gives you an easy way to specify multiple strategies. Note that there is no difference between the following code and using each strategy individually as middleware. This is an example that you might put into a Rails initializer at config/initializers/omniauth.rb :

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :developer unless Rails.env.production?
  provider :twitter, ENV['TWITTER_KEY'], ENV['TWITTER_SECRET']
end

Where "TWITTER_KEY" and "TWITTER_SECRET" is the appropriate values you obtained here.

Integrate OmniAuth into Rails Application

Other Examples

References

<references/>