Implicit user creation with Authlogic and Authlogic OAuth plugin
Seems like I'm going to answer the question myself.
I use the following code to generate the Sign In button (in HAML):
- form_tag({:controller => "users", :action => "create"}, {:method => "post"}) do
= oauth_register_button :value => "Sign In with Twitter"
and then I simply create the user's session object in the create method of the UsersController class, if the user already exists:
def create
@user = User.new(params[:user])
@user.save do |result| # LINE A
if result
flash[:notice] = "Account registered!"
redirect_to some_inner_path
else
unless @user.oauth_token.nil?
@user = User.find_by_oauth_token(@user.oauth_token)
unless @user.nil?
UserSession.create(@user)
flash.now[:message] = "Welcome back!"
redirect_to some_inner_path
else
redirect_back_or_default root_path
end
else
redirect_back_or_default root_path
end
end
end
end
If the user is a first time visitor, then the user object is successfully saved in the LINE A. And if it's not and there's an oauth token available, then we try to fetch the user from the DB and log him/her in.
Authlogic with OAuth and OpenID - DoubleRenderError
After repeated failures, the following appears to work for normal authlogic username/password, OAuth with Twitter, and OpenID for at least google and yahoo, which is all I was interested in
def create
@user = User.new(params[:user])
@user.save do |result| # LINE A
if result
flash[:notice] = "Account registered!"
redirect_to account_url and return
else
if @user.oauth_token
@user = User.find_by_oauth_token(@user.oauth_token)
UserSession.create(@user)
flash.now[:message] = "Welcome back!"
redirect_to account_url and return
else
flash[:notice] = "Something went awry. Perhaps the name or email is already in use."
redirect_to register_path and return
end
end
end
end
Additionally, i added 'and return' into the update block in my users controller after both success and failure redirects/renders
authlogic and oauth-plugin
The short answer is no. I am currently integrating oauth-plugin's service providership with my own auth system (which predates authlogic, acts_as_authenticated and all the rest).
oauth-plugin service providership works by means of a code generator generating two controllers, which are then tied into some library files in the plugin. All of these files expect a login_required class method with the same semantics that acts_as_authenticated uses.
authlogic makes no assumptions about your controllers at all, so it won't work out of the box with oauth-plugin, however that design decision also means it will be fairly easy to structure your controllers in the expected way. Therefore it should be (maybe trivially) easy to build a shim to support oauth-plugin.
However in my case I've decided to run the generator then to extract what I need from the plugin and delete the plugin itself. The primary reason I am doing this is that I explicitly don't have the login_required method in my auth system, so I would have to monkey patch the lib to get it to work. Secondly, there's a lot of stuff in the plugin I just don't need. Thirdly, most of the stuff that is truly library-level has already been abstracted into the oauth gem proper, so the stuff living in the oauth-plugin lib directory is in this weird no mans land between the generated code and the actual library.
Different Access token every time - using Google OAuth and Authlogic
The AT is supposed to be different every time. OAuth is not an authentication protocol, it is an authorization delegation protocol. Try using OpenID instead: http://code.google.com/apis/accounts/docs/OpenID.html
Authlogic and Invalid Sessions
Looks like you're trying to access the current_account convenience method in your create action, but you're presumably not logged in yet, so I'm not sure where current_account would be coming from. Does the following snippet work in place of your existing @user_session assignment?
# app/controllers/user_sessions_controller.rb
@user_session = UserSession.new(params[:user_session])
authlogic session creation fails when used in combination with authenticate_or_request_with_http_basic
I'm having this issue also! I'm going to try and look into it to see if I can come up with anything...
EDIT: The fix is to disallow HTTP basic auth on your Authlogic session...
class UserSession < Authlogic::Session::Base
allow_http_basic_auth false
end
I'm pretty sure that this is a bug in Authlogic. The problem is this method:
Authlogic::Session::HttpAuth::InstanceMethods#allow_http_basic_auth?
which returns true when HTTP Basic is being used, even elsewhere in your application.
Create new user session without password in authlogic
You can do something like this in your User model:
acts_as_authentic do |config|
external = Proc.new { |r| r.externally_authenticated? }
config.merge_validates_confirmation_of_password_field_options(:unless => external)
config.merge_validates_length_of_password_confirmation_field_options(:unless => external)
config.merge_validates_length_of_password_field_options(:unless => external)
end
externally_authenticated? is just a method on the user that checks what is providing the user information, and if it's one of the omniauth providers, returns true.
Related Topics
Reply to Thread Google-Api-Ruby-Client
Ruby: Unexpected End-Of-Input, Expecting Keyword_End for If Statement
Use Variable in Parameter Ruby on Rails
Finding Parenthesis via Regular Expression
How to Replace Text in a Ruby String
How to Merge Two Equally Sized Arrays into One Array with Sub-Arrays of Merged Values
How to Remove Devise Password Resetting During Email Confirmation
Ruby Parallel Assignment, Step Question
Ruby on Rails View Rendering Db Info on Page
Iterate and Set Ruby Object Instance Variables
How to Put a Raw SQL Query in Sequel