Brave Search

github.com › heartcombo › devise

GitHub - heartcombo/devise: Flexible authentication solution for Rails with Warden. · GitHub

Devise is a flexible authentication solution for Rails based on Warden. It: ... Is based on a modularity concept: use only what you really need. ... Database Authenticatable: hashes and stores a password in the database to validate the authenticity ...

Starred by 24.3K users

Forked by 5.5K users

Languages Ruby 97.2% | HTML 2.8%

DigitalOcean

digitalocean.com › community › tutorials › how-to-configure-devise-and-omniauth-for-your-rails-application

How To Configure Devise and OmniAuth for Your Rails Application | DigitalOcean

September 12, 2014 - You won’t believe how long it took for me to integrate oauth with devise. Thank you so much for putting this amazing tutorial online. I’ve tried every other online tutorial, read the docs, and asked around and still couldn’t get it to work. Finally it is working and it is because of this tutorial. Thanks again. Omar ... Tried to implement the same tutorial for Facebook, user gets saved in the database, but email gets nulled everytime. Any clue? ... The api changed on 8 of July. ... config.omniauth :facebook, “appid”, “appsecret”, scope: ‘email’, info_fields: ‘email’

Discussions

ruby on rails - Devise/OmniAuth: different logic for for registration and login - Stack Overflow

The default devise authorization path (i.e. user_omniauth_authorize_path mentioned here) appears to be designed to work for both OmniAuth registration and login. By the time auth is received in the More on stackoverflow.com

stackoverflow.com

ruby on rails - How does Devise and OmniAuth work together? - Stack Overflow

I have some questions on how Devise and OmniAuth work as I couldn't find any clarification on these one's I'm about to ask. Here I'll use Facebook as an example. If I wanted users to be able to si... More on stackoverflow.com

stackoverflow.com

Rails, Devise & Omniauth - problems with setup - Stack Overflow

I am trying (again) to set up authentications with Rails 4, devise and omniauth. I tried to follow the example in this post: Rails 4, Devise, Omniauth (with multiple providers) I have these gems More on stackoverflow.com

stackoverflow.com

Help with Omniauth and devise (Rails 7)

Turbo tries to make an AJAX request to the 3rd party authorization page, which fails because Google’s CORS settings don’t allow it. I needed to disable Turbo for OmniAuth authorize links, so that the browser actually redirects to the 3rd party. button_to “…”, omniauth_authorize_path(…), method: :post, data: { turbo: false } More on reddit.com

r/rails

April 5, 2022

Videos

14:38

YouTube

Google and Github Omniauth with Devise | Ruby on Rails 8 Tutorial ...

August 5, 2025

youtube.com

Rails 7 #123 omniauth with multiple providers

youtube.com

Devise Google Login With Omniauth | Ruby On Rails 7 Tutorial - YouTube

May 9, 2022

27:07

YouTube

Google OAuth2 with Omniauth in Rails - YouTube

October 25, 2024

01:09

YouTube

#176 Sign in with Apple. Devise Omniauth. | Ruby on Rails | Trailer ...

June 30, 2024

342

youtube.com

Ruby on Rails #103 Simple Omniauth without Devise - YouTube

January 16, 2023

View all

Henrytabima

henrytabima.github.io › rails-setup › docs › devise › omniauth

OmniAuth · Rails Setup

After configuring your strategy, you need to make your model (e.g. app/models/user.rb) omniauthable: devise :omniauthable, omniauth_providers: %i[facebook]

github.com › heartcombo › devise › wiki › OmniAuth:-Overview

OmniAuth: Overview · heartcombo/devise Wiki · GitHub

April 9, 2019 - After configuring your strategy, you need to make your model (e.g. app/models/user.rb) omniauthable: devise :omniauthable, omniauth_providers: %i[facebook]

Author heartcombo

saschakala.medium.com › start-to-finish-devise-with-github-omniauth-authentication-ruby-on-rails-d77b06c995f9

start to finish Devise with GitHub OmniAuth authentication — Ruby on Rails | by Sascha Kala | Medium

November 24, 2020 - Start your server and check out your sign up page — you’ll notice that a link to login with GitHub already exists! Turns out that Devise is set up to automatically render 3rd party login links for users that are omniauthable, with no extra ...

DEV Community

dev.to › geraldarzy › omniauth-with-devise-3d5h

Omniauth with Devise - DEV Community

March 14, 2021 - Go into the devise.rb file located in, config-> initializers -> devise.rb. Now look for the Omniauth section, it should be towards the bottom of the file, but you can just quickly CMD+F to find 'omniauth'.

stackoverflow.com › questions › 29544963 › devise-omniauth-different-logic-for-for-registration-and-login

ruby on rails - Devise/OmniAuth: different logic for for registration and login - Stack Overflow

1 of 3

You can get back parameters from the authorization to indicate the user's intent by adding some parameters on the authorization URL.

For example:

- if devise_mapping.omniauthable?
  - resource_class.omniauth_providers.each do |provider|
    = link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider, {intent: :sign_in})

(This creates a URL like: http://whatevs.dev/users/auth/facebook?intent=sign_in)

Then, in the callbacks controller (whatever you name it):

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    if env["omniauth.params"]["intent"] == "sign_in"
      # Don't create a new identity
    else
      # Normal flow, such as:
      @user = User.from_omniauth(request.env["omniauth.auth"])
      sign_in_and_redirect @user
    end
  end
end

2 of 3

If a user clicks "Register with Facebook" and there's no account with their Facebook email, they want to go ahead and create an account with that email

This assumption is not valid since Facebook can be created with just a phone number. Even user has an email, extra permission is required to get the user email from Facebook. Your application should validate facebook_uid returned by Facebook API instead of email.

What's the cleanest way to pass the user's intent ('login' or 'register') into this callback method?

For OmniAuth there is no difference between the 'login' or 'register'. All it does is try to authenticate the user with the provided Facebook token. One clean way to differentiate is to separate on the controller level. If user tries to login in, call SessionsController#create, if user tries to sign up, call UsersController#create.

Find elsewhere

Google Bing Mojeek

stackoverflow.com › questions › 16879572 › how-does-devise-and-omniauth-work-together

ruby on rails - How does Devise and OmniAuth work together? - Stack Overflow

1 of 2

Well, Devise is an user management gem, so it will manage all your user sessions informations, password, password reset, confirmation .... Everything that is related to registrations and login will be handled by devise.

Now if you want to add omniauth login (Facebook,Twitter,....) you have to use omniauth to take care of the login using any provider like Facebook.

Basically Omniauth allows you to link facebook users to your app users but works perfectly well with Devise.

For example when a user is created using Facebook signup it's created in the User Tables which has both devise and omniauth information. So your user will also be able to login using his email and create a password afterwards.

Facebook provide a unique ID for each user which is stored in your database, so when one user is created with Facebook login it has both an email address to use with Devise and the Facebook ID to use with Omniauth to login.

You can use both together with the same user model and manage how you want to do it.

You can for example let user to create a password after omniauth login so that they can login afterwards with either omniauth or devise. Or you can also let existing user link their facebook account for future use.

I hope this is clear enough, if you have anymore questions let me know !

2 of 2

https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

Your user is your user. Omniauth provides an interface to your application which abstracts the whole Oauth protocol logic from you. But it's like this: your user signs in with his facebook account and gets a token. This token is bound to your user in your app, and that's how omniauth identifies him.

No, Omniauth is not the same as devise. Both try to address the same purpose (user authentication on your app), but while devise bundles the whole inner logic of identity provision in your app (creating an account, registering an account, registration emails, recovering an account, managing sessions, signing in, signing out...), Omniauth provides only an interface to link your user account to an authorized third-party account and access its information, and the rest you have to do yourself.

But they can work together (use devise to create accounts local to your app, use omniauth to link those accounts to third-party accounts and (maybe) fill some basic information for the user account based on his third party account, like facebook name, email, photo).

The sessions repository is independent of your users table, so there is no possibility of happening what you stated in the last paragraph.

github.com › heartcombo › devise › blob › main › lib › devise › omniauth.rb

devise/lib/devise/omniauth.rb at main · heartcombo/devise

Flexible authentication solution for Rails with Warden. - devise/lib/devise/omniauth.rb at main · heartcombo/devise

Author heartcombo

stackoverflow.com › questions › 33493369 › rails-devise-omniauth-problems-with-setup

Rails, Devise & Omniauth - problems with setup - Stack Overflow

devise-token-auth.gitbook.io › devise-token-auth › config › omniauth

1 of 2

Devise comes with an out of the box solution for integration with omniuth. You can checkout these urls: 1. https://www.digitalocean.com/community/tutorials/how-to-configure-devise-and-omniauth-for-your-rails-application This one shows integration with DigitalOcean but can be extended to others. 2. https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview This one is from devise wiki

Hope it helps

2 of 2

There is a gem called dom that was made exclusively to manage Devise with multiple providers. It makes things deadly simple!

Also, I think you should read these articles. I'm sure you can solve all your questions with them:

Devise OmniAuth: Overview
OmniAuth Managing multiple provaders

Gitbook

OmniAuth | devise-token-auth - GitBook

October 16, 2019 - For example, the demo app uses the default omniauth_prefix setting /omniauth, so the "Authorization callback URL" for github must be set to "https://devise-token-auth-demo.herokuapp.com**/omniauth**/github/callback".

medium.com › another-coding-nomad › configuring-omniauth-with-devise-1ef98156525a

Configuring OmniAuth with Devise. OmniWhat?? | by Brittany Hartmire | Code Journal | Medium

December 7, 2021 - Identify the Client ID and Client Secret from the provider and add them to /config/initializers/devise.rb: ... The .from_omniauth makes the user information from the provider account accessible throughout the rest of your app.

Remimercier

remimercier.com › omniauth-github-rails-app-with-devise

Add Omniauth GitHub to Your Rails App on Top of Devise - Remi Mercier - Software Developer

June 1, 2018 - We go to user.rb and make our user omniauthable. devise :omniauthable, omniauth_providers: %i[github]

medium.com › @adamlangsner › google-oauth-rails-5-using-devise-and-omniauth-1b7fa5f72c8e

Google OAuth + Rails 5 using Devise and OmniAuth | by Adam Langsner | Medium

July 30, 2020 - Devise added a devise_for :admins line of code to the routes file. It creates a bunch of routes we don’t need. Let’s replace it with the bare minimum routes needed for OmniAuth:

DEV Community

dev.to › vvo › devise-create-a-local-omniauth-strategy-for-slack-4066

Devise: create a local OmniAuth strategy for Slack - DEV Community

December 9, 2019 - This article explains how to create a custom OmniAuth strategy and then load it using Devise. This allows you to easily develop your strategy without having to create a gem. Tagged with rails, omniauth, devise, slack.

salmaeng71.medium.com › devise-authentication-guide-with-github-omniauth-for-rails-application-220aa52d5b82

Devise Authentication Guide with GitHub OmniAuth for Rails Application | by Salma Elmasry | Medium

May 28, 2018 - Next up, you should add the columns “provider” (string) and “uid” (string) to your User model — Devise documentation. rails g migration AddOmniauthToUsers provider:string uid:string rake db:migrate · After configuring your strategy, you need to make your model (e.g. app/models/user.rb) omniauthable:

reddit.com › r/rails › help with omniauth and devise (rails 7)

r/rails on Reddit: Help with Omniauth and devise (Rails 7)

April 5, 2022 -

Hey, I just tried to use Rails 7 with devise and omniauth-google-oauth2, but I'm running into problems when trying to authenticate via link_to tag.

I know it may be a problem with turbo links but Im not quite sure. I tried the same method(link_to) on Rails 6, and it worked:

<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), method: :post %><br />

In Rails 7 I tried the same approach, but instead of method: :post I used data: {turbo_method: :post}, like this

<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: {turbo_method: :post} %>

but when I click the link, the google console shows this

*Already added omniauth-rails_csrf_protection gem, but did not work

* I'm using a ngrok URI for the Authorized redirection URIs in the console.cloud.google

CSRF protection isn’t the same as CORS. Return the proper Origin header and you should be fine.

1 of 2

2 of 2

github.com › virtualforce › Devise-Omniauth-Multiple-Providers

GitHub - virtualforce/Devise-Omniauth-Multiple-Providers: Devise Multiple Omniauth Providers

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController include OmniConcern %w[facebook twitter gplus linkedin].each do |meth| define_method(meth) do create end end end

Starred by 37 users

Forked by 9 users

stackoverflow.com › questions › 38868738 › devise-with-omniauth-facebook

ruby on rails - Devise with OmniAuth Facebook - Stack Overflow

1 of 1

All working now.

It has to do with the incorrect callback_url.

From the logs:

Started GET "/users/auth/facebook" for ::1 at 2016-08-10 18:43:26 +1000
I, [2016-08-10T18:43:26.084371 #2292]  INFO -- omniauth: (facebook) Request phase initiated.
Started GET "/users/auth/facebook" for ::1 at 2016-08-10 18:43:26 +1000
I, [2016-08-10T18:43:26.521627 #2292]  INFO -- omniauth: (facebook) Request phase initiated.
Started GET "/?code=REALLYLONGHASHOFCHARACTERS&state=ANOTHERSETOFREALLYLONGHASHOFCHARACTERS" for ::1 at 2016-08-10 18:44:19 +1000

The last line of the log file shows it's not going to the correct url:

Started GET "/?code=REALLYLONGHASHOFCHARACTERS&state=ANOTHERSETOFREALLYLONGHASHOFCHARACTERS" for ::1 at 2016-08-10 18:44:19 +1000

The initializer config shows:

config.omniauth :facebook, 
   ENV['FACEBOOK_APP_ID'],
   ENV['FACEBOOK_APP_SECRET'],
   callback_url: ENV['FACEBOOK_CALLBACK_URL'],
   scope: 'email', info_fields: 'email,name'

The callback_url was http://localhost:3000 which is incorrect.

I changed the callback_url from http://localhost:3000 to http://localhost:3000/users/auth/facebook/callback

It is now working and I hope this helps someone in the future.