devise-token-auth
  • Installation
  • Configuration
    • Initializer Settings
    • OmniAuth
    • Email Authentication
    • Customizing Devise Verbiage
    • Cross Origin Requests (CORS)
  • Usage
    • Mounting Routes
    • Controller Integration
    • Model Integration
    • Using Multiple User Classes
    • Excluding Modules
    • Custom Controller/Email Overrides
    • Reset password flow
    • Testing
  • FAQ
  • Conceptual Diagrams
    • Token Management
    • Batch Requests
  • Security
Powered by GitBook
On this page
  • OmniAuth authentication
  • OmniAuth provider settings
  • OmniAuth callback settings
  • Note for pow and xip.io users
  1. Configuration

OmniAuth

PreviousInitializer SettingsNextEmail Authentication

Last updated 5 years ago

OmniAuth authentication

If you wish to use omniauth authentication, add all of your desired authentication provider gems to your Gemfile.

OmniAuth example using GitHub, Facebook, Google, and Apple:

gem 'omniauth-github'
gem 'omniauth-facebook'
gem 'omniauth-google-oauth2'
gem 'omniauth-apple'

Then run bundle install.

OmniAuth provider settings

In config/initializers/omniauth.rb, add the settings for each of your providers.

These settings must be obtained from the providers themselves.

Example using Github, Facebook, Google, and Apple:

# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :github,        ENV['GITHUB_KEY'],   ENV['GITHUB_SECRET'],   scope: 'email,profile'
  provider :facebook,      ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
  provider :google_oauth2, ENV['GOOGLE_KEY'],   ENV['GOOGLE_SECRET']
  provider :apple,         ENV['APPLE_CLIENT_ID'], '', { scope: 'email name', team_id: ENV['APPLE_TEAM_ID'], key_id: ENV['APPLE_KEY'], pem: ENV['APPLE_PEM'] }
end

OmniAuth callback settings

The url for github authentication will be different for the client. The client should visit the API at /[MOUNT_PATH]/:provider for omniauth authentication.

For example, given that the app is mounted using the following settings:

# config/routes.rb
mount_devise_token_auth_for 'User', at: 'auth'

The client configuration for github should look like this:

Angular.js setting for authenticating using github:

angular.module('myApp', ['ng-token-auth'])
  .config(function($authProvider) {
    $authProvider.configure({
      apiUrl: 'https://api.example.com'
      authProviderPaths: {
        github: '/auth/github' // <-- note that this is different than what was set with github
      }
    });
  });

jToker settings for github should look like this:

$.auth.configure({
  apiUrl: 'https://api.example.com',
  authProviderPaths: {
    github: '/auth/github' // <-- note that this is different than what was set with github
  }
});

This incongruence is necessary to support multiple user classes and mounting points.

If you receive redirect-uri-mismatch errors from your provider when using pow or xip.io urls, set the following in your development config:

# config/environments/development.rb

# when using pow
OmniAuth.config.full_host = "http://app-name.dev"

# when using xip.io
OmniAuth.config.full_host = "http://xxx.xxx.xxx.app-name.xip.io"

The above example assumes that your provider keys and secrets are stored in environmental variables. Use the gem (or or or equivalent) to accomplish this.

The "Callback URL" setting that you set with your provider must correspond to the setting defined by this app. This will be different than the omniauth route that is used by your client application.

For example, the demo app uses the default omniauth_prefix setting /omniauth, so the "Authorization callback URL" for github must be set to "".

Github example for the demo site:

Note for and users

List of oauth2 providers
figaro
dotenv
secrets.yml
omniauth prefix
https://devise-token-auth-demo.herokuapp.com**/omniauth**/github/callback
pow
xip.io
password reset flow