BUILD YOUR AUTHENTICATION SYSTEM WITH DEVISE
Tse-Ching Ho (何澤清)
2011-08-26
HTTPS://GITHUB.COM/TSECHINGHO/DEVISE_TUTORIAL

  git clone git://github.com/tsechingho/devise_tutorial.git
AGENDA

• OmniAuth Client Application
 providers: Facebook, Twitter, Github

• OpenID  Client Application
 providers: Google, Yahoo, Google Apps

• LDAP Client Application
 providers: Localhost OpenLDAP

• CAS Client Application
 providers: Localhost CAS
WHAT IS AUTHENTICATION ?
ABOUT AUTHENTICATION

• authentication and authorization are two things

• authentication is just an identity token / ticket

• can use multi authentication providers on one site

• one user can have many authentications
[Diagram: customer, devise, omniauth; OAuth providers, OpenID providers, LDAP providers, 3rd party providers; CAS server; username / password]
DEVISE - OMNIAUTH WAY
WHAT DO WE NEED ?
USER STORY PLEASE
users                                         managers
    Model: User                                        Model: Manager
    has_many :authentications, :as => :resource        has_many :authentications, :as => :resource
    has_one :profile, :as => :resource                  has_one :profile, :as => :resource


    id                                      integer    id                                      integer
    email                                   string     email                                   string

    encrypted_password                      string     encrypted_password                      string
    reset_password_token                    string     reset_password_token                    string
    reset_password_sent_at                  datetime   reset_password_sent_at                  datetime
    remember_created_at                     datetime   remember_created_at                     datetime
    sign_in_count                           integer    sign_in_count                           integer

    current_sign_in_at                      datetime   current_sign_in_at                      datetime
    last_sign_in_at                         datetime   last_sign_in_at                         datetime
    current_sign_in_ip                      string     current_sign_in_ip                      string
    last_sign_in_ip                         string     last_sign_in_ip                         string
    created_at                              datetime   created_at                              datetime

    updated_at                              datetime   updated_at                              datetime



               authentications                                            profiles
         Model: Authentication                              Model: Profile
         belongs_to :resource, :polymorphic => true         belongs_to :resource, :polymorphic => true




         id                             integer             id                             integer
         resource_id                    integer             resource_id                    integer
         resource_type                  string              resource_type                  string
         provider                       string              first_name                      string
         uid                            string              last_name                      string
         uname                          string              fullname                       string
         umail                          string              nickname                       string
         created_at                     datetime            created_at                     datetime
         updated_at                     datetime            updated_at                     datetime




POSSIBLE DB SCHEMA
WHY DEVISE ?
FEATURES OF DEVISE

• rack   - simple and fast

• strategies   - logical and flexible

• modularity    - maintainable rails engine

• multi-models    - signed in at the same time

• extensions    - diversity

• authentication    scheme with general user’s needs
BUILT-IN MODULES

• Database   authenticatable   • Rememberable

• Token   authenticatable      • Trackable

• Omniauthable                 • Timeoutable

• Confirmable                   • Validatable

• Recoverable                  • Lockable

• Registerable                 • Encryptable
EXTENSION MODULES

• ORM

• Encryption

• Authentication

• UI   enhancement

• https://github.com/plataformatec/devise/wiki/Extensions
FILTERS & HELPERS

• authenticate_user!

• user_signed_in?

• current_user

• user_session

• user_root_path
DEMO
SHOW, DON’T TELL
GIT LOGS ARE FRIENDS
NEW RAILS APP
• rails new devise_tutorial -JTd mysql
• cd devise_tutorial
• vim Gemfile
• bundle install
• rails generate scaffold page title:string content:text
• rake db:create
• rake db:migrate
• rails server
  bundle exec unicorn -p 3000
• tail -f log/development.log
GIT CHECKOUT HEROKU
DEPLOY TO HEROKU

• git   checkout heroku

• heroku    keys:add

• heroku    create

• git   push heroku master

• heroku    rake db:setup

• heroku    open
GIT CHECKOUT USER
DEVISE CUSTOMIZATION

• config    - set configurations for devise

• migrations    - set database fields

• models    - select modules, set attributes

• routes   - set uri mapping

• controllers   - set filters and redirects

• views   - set html and css
rake middleware
use ActionDispatch::Static
use Rack::Lock
use ActiveSupport::Cache::Strategy::LocalCache
use Rack::Runtime
use Rails::Rack::Logger
use ActionDispatch::ShowExceptions
use ActionDispatch::RemoteIp
use Rack::Sendfile
use ActionDispatch::Callbacks
use ActiveRecord::ConnectionAdapters::ConnectionManagement
use ActiveRecord::QueryCache
use ActionDispatch::Cookies
use ActionDispatch::Session::CookieStore
use ActionDispatch::Flash
use ActionDispatch::ParamsParser
use Rack::MethodOverride
use ActionDispatch::Head
use ActionDispatch::BestStandardsSupport
use Warden::Manager
run DeviseTutorial::Application.routes
GIT CHECKOUT MANAGER
rake routes
               manager_root GET      /pages/:id(.:format)               {:controller=>"pages", :id=>"management", :action=>"show"}
        new_manager_session GET      /managers/sign_in(.:format)        {:controller=>"devise/sessions", :action=>"new"}
            manager_session POST     /managers/sign_in(.:format)        {:controller=>"devise/sessions", :action=>"create"}
    destroy_manager_session DELETE /managers/sign_out(.:format)         {:controller=>"devise/sessions", :action=>"destroy"}
           manager_password POST     /managers/password(.:format)       {:controller=>"devise/passwords", :action=>"create"}
       new_manager_password GET      /managers/password/new(.:format)   {:controller=>"devise/passwords", :action=>"new"}
      edit_manager_password GET      /managers/password/edit(.:format) {:controller=>"devise/passwords", :action=>"edit"}
                              PUT    /managers/password(.:format)       {:controller=>"devise/passwords", :action=>"update"}
cancel_manager_registration GET      /managers/cancel(.:format)         {:controller=>"devise/registrations", :action=>"cancel"}
       manager_registration POST     /managers(.:format)                {:controller=>"devise/registrations", :action=>"create"}
   new_manager_registration GET      /managers/sign_up(.:format)        {:controller=>"devise/registrations", :action=>"new"}
  edit_manager_registration GET      /managers/edit(.:format)           {:controller=>"devise/registrations", :action=>"edit"}
                              PUT    /managers(.:format)                {:controller=>"devise/registrations", :action=>"update"}
                              DELETE /managers(.:format)                {:controller=>"devise/registrations", :action=>"destroy"}
                  user_root GET      /pages/:id(.:format)               {:controller=>"pages", :id=>"dashboard", :action=>"show"}
           new_user_session GET      /users/sign_in(.:format)           {:controller=>"devise/sessions", :action=>"new"}
               user_session POST     /users/sign_in(.:format)           {:controller=>"devise/sessions", :action=>"create"}
       destroy_user_session DELETE /users/sign_out(.:format)            {:controller=>"devise/sessions", :action=>"destroy"}
              user_password POST     /users/password(.:format)          {:controller=>"devise/passwords", :action=>"create"}
          new_user_password GET      /users/password/new(.:format)      {:controller=>"devise/passwords", :action=>"new"}
         edit_user_password GET      /users/password/edit(.:format)     {:controller=>"devise/passwords", :action=>"edit"}
                              PUT    /users/password(.:format)          {:controller=>"devise/passwords", :action=>"update"}
   cancel_user_registration GET      /users/cancel(.:format)            {:controller=>"devise/registrations", :action=>"cancel"}
          user_registration POST     /users(.:format)                   {:controller=>"devise/registrations", :action=>"create"}
      new_user_registration GET      /users/sign_up(.:format)           {:controller=>"devise/registrations", :action=>"new"}
     edit_user_registration GET      /users/edit(.:format)              {:controller=>"devise/registrations", :action=>"edit"}
                              PUT    /users(.:format)                   {:controller=>"devise/registrations", :action=>"update"}
                              DELETE /users(.:format)                   {:controller=>"devise/registrations", :action=>"destroy"}
                       root          /(.:format)                        {:controller=>"pages", :action=>"show"}
GIT CHECKOUT PROVIDER
users
      Model: User
      has_many :authentications, :as => :resource
      has_one :profile, :as => :resource

      id                                     integer
      email                                  string
      encrypted_password                     string
      reset_password_token                   string
      reset_password_sent_at                 datetime
      remember_created_at                    datetime
      sign_in_count                          integer
      current_sign_in_at                     datetime
      last_sign_in_at                        datetime
      current_sign_in_ip                     string
      last_sign_in_ip                        string
      created_at                             datetime
      updated_at                             datetime

authentications
      Model: Authentication
      belongs_to :resource, :polymorphic => true

      id                                     integer
      resource_id                            integer
      resource_type                          string
      provider                               string
      uid                                    string
      uname                                  string
      umail                                  string
      created_at                             datetime
      updated_at                             datetime

PROVIDER - USER DB SCHEMA
GIT CHECKOUT OA-OAUTH
OMNIAUTH MIDDLEWARES

rake middleware
use ActionDispatch::Static
......
use ActionDispatch::BestStandardsSupport
use Warden::Manager
use OmniAuth::Strategies::Facebook
use OmniAuth::Strategies::Twitter
use OmniAuth::Strategies::GitHub
use OmniAuth::Strategies::OpenID
use OmniAuth::Strategies::OpenID
use OmniAuth::Strategies::OpenID
use OmniAuth::Strategies::GoogleApps
use OmniAuth::Strategies::GoogleApps
run DeviseTutorial::Application.routes
DEVISE OMNIAUTH ROUTES

• /users/auth/:provider(.:format)
 { :controller => "users/omniauth_callbacks",
   :action => "passthru" }

• user_omniauth_callback
 /users/auth/:action/callback(.:format)
 { :controller => "users/omniauth_callbacks",
   :action => /facebook|twitter|github/ }
NEEDS OF OAUTH

• create   new app record for each client site

• app   id and app secret are required

• callback   url must match

• access token / error message will be appended to the callback url

• specific    yaml pattern for user auth data
---
provider: facebook
uid: "1290347368"
credentials:
  token: 49923..........6RqGc
user_info:
  nickname: tsechingho
  email: tsechingho@gmail.com
  first_name: Tse-Ching
  last_name: Ho
  name: Tse-Ching Ho
  image: http://graph.facebook.com/1290347368/picture?type=square
  urls:
    Facebook: http://www.facebook.com/tsechingho
    Website:
extra:
  user_hash:
    id: "1290347368"
    name: Tse-Ching Ho
    first_name: Tse-Ching
    last_name: Ho
    link: http://www.facebook.com/tsechingho
    username: tsechingho
    hometown:
      id: "110922325599480"
      name: Taichung, Taiwan
FACEBOOK
developers.facebook.com




NEW FACEBOOK APP
 https://developers.facebook.com/apps
developers.facebook.com




CORRECT APP SETTINGS
app id, app secret, site url, site domain are required.
facebook.com




      FACEBOOK USER PANEL
        http://www.facebook.com/settings?tab=applications
https://developers.facebook.com/docs/reference/api/permissions/
FACEBOOK OAUTH WORK FLOW
facebook.com


• ca_file   / ca_path

• /users/auth/facebook

• users/omniauth_callbacks#passthru

• https://www.facebook.com/connect/uiserver.php

• /users/auth/facebook/callback?code=xxxxxx
TWITTER
dev.twitter.com




NEW TWITTER APP
 https://dev.twitter.com/apps/new
 use http://127.0.0.1 for localhost
dev.twitter.com




  CORRECT APP SETTINGS
consumer key, consumer secret, callback url are required.
twitter.com




TWITTER USER PANEL
   you can stop it, not remove it.
TWITTER OAUTH WORK FLOW
api.twitter.com

• /users/auth/twitter

• users/omniauth_callbacks#passthru

• https://api.twitter.com/oauth/authenticate

• /users/auth/twitter/callback?code=xxxxxx

• twitter   auth data is too big for cookies session store

• no   email in user auth data
GITHUB
github.com




  NEW GITHUB APP
https://github.com/account/applications/new
github.com




CORRECT APP SETTINGS
 client id, client secret, callback url are required.
github.com




GITHUB APP/USER PANEL ?
Don’t delete the OAuth application,
otherwise you have to create a new one.
GITHUB OAUTH WORK FLOW
                                             github.com



• /users/auth/github

• users/omniauth_callbacks#passthru

• https://github.com/login/oauth/authorize

• /users/auth/github/callback?code=xxxxxx
GIT CHECKOUT OA-OPENID
GOOGLE
SIGN IN GOOGLE ACCOUNT
GOOGLE OPENID WORK FLOW
• ca_file   / open_id_store
• /users/auth/google

• users/omniauth_callbacks#passthru

• https://www.google.com/accounts/o8/ud

• https://accounts.google.com/o/openid2/auth

• https://www.google.com/accounts/o8/id?id=xxxxxx

• /users/auth/google/callback
YAHOO
SIGN IN YAHOO ACCOUNT
YAHOO OPENID WORK FLOW
• ca_file   / open_id_store
• /users/auth/yahoo

• users/omniauth_callbacks#passthru

• https://open.login.yahooapis.com/openid/op/auth

• https://login.yahoo.com/config/login

• https://me.yahoo.com/a/xxxxxx

• /users/auth/yahoo/callback
GOOGLE APPS
SIGN IN GOOGLE ACCOUNT
       http://www.google.com/enterprise/marketplace/
http://developer.googleapps.com/marketplace/getting-started
GOOGLE APPS OPENID WORK FLOW
• ca_file   / open_id_store
• /users/auth/gmail

• users/omniauth_callbacks#passthru

• https://www.google.com/accounts/o8/ud?source=gmail.com

• https://accounts.google.com/o/openid2/auth

• https://www.google.com/accounts/o8/id?id=xxxxxx

• /users/auth/gmail/callback
ISSUES
FINDING USER ?
USERNAME
       VS
UNCHANGEABLE EMAIL
ONE EMAIL - ONE USER
          VS
ONE USER - MULTI EMAILS
IF EMAIL OF PROVIDER USER
       CHANGED,
         THEN >.<
PUBLIC EMAIL ADDRESS
         VS
 PROVIDER - UID PAIR
WHO AM I ?
ONE PROVIDER - ONE USER
            VS
ONE USER - MULTI PROVIDERS
OWN LOCAL USER FIRST
         OR
OWN PROVIDER USER FIRST
ONE USER
  MULTI MAILS
MULTI PROVIDERS
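
One way to settle the questions on the ISSUES slides, together with the Twitter notes above (no email in the auth data, auth data too big for the cookie session store), written as an added example that is not code from the talk or its repository. The authentications columns follow the deck's schema; the AccountResolver class, its outcome symbols and the sample hashes are assumptions made for illustration.

```ruby
# Added example: plain-Ruby stand-ins for the deck's users / authentications
# tables, so it runs without Rails, Devise or OmniAuth.
User = Struct.new(:id, :email)
Authentication = Struct.new(:resource, :provider, :uid, :uname, :umail)

class AccountResolver
  COOKIE_LIMIT = 4096 # bytes; usual browser limit for a single cookie

  attr_reader :users, :authentications

  def initialize
    @users = []
    @authentications = []
  end

  # Keep only the authentications columns from the deck's schema. The
  # credentials token and the bulky "extra" section never reach the session.
  def slim(auth)
    info = auth['user_info'] || {}
    { 'provider' => auth['provider'].to_s, 'uid' => auth['uid'].to_s,
      'uname' => info['name'] || info['nickname'], 'umail' => info['email'] }
  end

  # Approximate size of a value in a Marshal + Base64 cookie session.
  def cookie_bytes(value)
    [Marshal.dump(value)].pack('m0').bytesize
  end

  # Returns [outcome, user or slim payload].
  def resolve(auth, current_user = nil)
    a = slim(auth)
    return [:rejected, nil] if a['provider'].empty? || a['uid'].empty?

    known = @authentications.find do |r|
      r.provider == a['provider'] && r.uid == a['uid']
    end
    if known
      # A provider identity is never moved from one account to another.
      if current_user && !known.resource.equal?(current_user)
        return [:conflict, nil]
      end
      # The pair is the key; name and email are refreshed, not matched on.
      known.uname = a['uname']
      known.umail = a['umail']
      return [:signed_in, known.resource]
    end

    # Adding a provider is only done for the user who is signed in now.
    return [:linked, link(current_user, a)] if current_user

    # No email (Twitter): finish sign-up through the registration form.
    return [:needs_registration, a] if a['umail'].nil?
    # Email already used locally: require a local sign-in, then link.
    taken = @users.any? { |u| u.email.casecmp(a['umail']).zero? }
    return [:needs_sign_in, a] if taken

    user = User.new(@users.size + 1, a['umail'])
    @users << user
    [:created, link(user, a)]
  end

  private

  def link(user, a)
    @authentications << Authentication.new(user, a['provider'], a['uid'],
                                           a['uname'], a['umail'])
    user
  end
end

# Constructed sample hashes in the shape of the deck's YAML (values made up).
FACEBOOK = { 'provider' => 'facebook', 'uid' => '1000001',
             'credentials' => { 'token' => 'placeholder-token' },
             'user_info' => { 'name' => 'Alice Example',
                              'email' => 'alice@example.test' } }
TWITTER = { 'provider' => 'twitter', 'uid' => '2000002',
            'credentials' => { 'token' => 'placeholder-token' },
            'user_info' => { 'nickname' => 'alice_ex' },
            'extra' => { 'user_hash' => { 'status' => 'x' * 5000 } } }

def demo
  r = AccountResolver.new
  first, alice = r.resolve(FACEBOOK)
  moved = FACEBOOK.merge('user_info' => { 'name' => 'Alice Example',
                                          'email' => 'alice@new.example.test' })
  again, same = r.resolve(moved)       # email changed at the provider
  anon, payload = r.resolve(TWITTER)   # no email, nobody signed in
  linked, = r.resolve(TWITTER, alice)  # signed-in user adds Twitter
  github = { 'provider' => 'github', 'uid' => '3000003',
             'user_info' => { 'email' => 'ALICE@example.test' } }
  dup, = r.resolve(github)             # email collides with Alice's account
  bob = User.new(2, 'bob@example.test')
  r.users << bob
  clash, = r.resolve(TWITTER, bob)     # pair already belongs to Alice
  { outcomes: [first, again, anon, linked, dup, clash],
    same_user: same.equal?(alice), users: r.users.size,
    full_bytes: r.cookie_bytes(TWITTER), slim_bytes: r.cookie_bytes(payload),
    payload_keys: payload.keys }
end
```

Because the provider - uid pair is the lookup key, an email change at the provider still signs in the same user, and an email that merely matches a local account leads to a sign-in prompt instead of a merge.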
RESOURCES
TUTORIALS

• http://www.communityguides.eu/articles/11

• http://www.communityguides.eu/articles/16

• http://railscasts.com/episodes/235-omniauth-part-1

• http://railscasts.com/episodes/236-omniauth-part-2

• https://github.com/plataformatec/devise/wiki/Example-Applications
DOCUMENTS


• https://github.com/plataformatec/devise/wiki

• https://github.com/intridea/omniauth/wiki

• https://github.com/intridea/authbuttons
Q&A

LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0DanBrown980551
 
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInOutage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInThousandEyes
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch TuesdayIvanti
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2DianaGray10
 
UiPath Studio Web workshop series - Day 1
UiPath Studio Web workshop series  - Day 1UiPath Studio Web workshop series  - Day 1
UiPath Studio Web workshop series - Day 1DianaGray10
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightSafe Software
 

Dernier (20)

Oracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptxOracle Database 23c Security New Features.pptx
Oracle Database 23c Security New Features.pptx
 
AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024AI Workshops at Computers In Libraries 2024
AI Workshops at Computers In Libraries 2024
 
IT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced ComputingIT Service Management (ITSM) Best Practices for Advanced Computing
IT Service Management (ITSM) Best Practices for Advanced Computing
 
Where developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is goingWhere developers are challenged, what developers want and where DevEx is going
Where developers are challenged, what developers want and where DevEx is going
 
Keep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES LiveKeep Your Finger on the Pulse of Your Building's Performance with IES Live
Keep Your Finger on the Pulse of Your Building's Performance with IES Live
 
UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4UiPath Studio Web workshop series - Day 4
UiPath Studio Web workshop series - Day 4
 
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptxGraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
GraphSummit Copenhagen 2024 - Neo4j Vision and Roadmap.pptx
 
Flow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First FrameFlow Control | Block Size | ST Min | First Frame
Flow Control | Block Size | ST Min | First Frame
 
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie WorldTrustArc Webinar - How to Live in a Post Third-Party Cookie World
TrustArc Webinar - How to Live in a Post Third-Party Cookie World
 
Introduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its applicationIntroduction to RAG (Retrieval Augmented Generation) and its application
Introduction to RAG (Retrieval Augmented Generation) and its application
 
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
Design and Modeling for MySQL SCALE 21X Pasadena, CA Mar 2024
 
My key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAIMy key hands-on projects in Quantum, and QAI
My key hands-on projects in Quantum, and QAI
 
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdfQ4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
Q4 2023 Quarterly Investor Presentation - FINAL - v1.pdf
 
Scenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenariosScenario Library et REX Discover industry- and role- based scenarios
Scenario Library et REX Discover industry- and role- based scenarios
 
LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0LF Energy Webinar - Unveiling OpenEEMeter 4.0
LF Energy Webinar - Unveiling OpenEEMeter 4.0
 
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInOutage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
 
March Patch Tuesday
March Patch TuesdayMarch Patch Tuesday
March Patch Tuesday
 
UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2UiPath Studio Web workshop series - Day 2
UiPath Studio Web workshop series - Day 2
 
UiPath Studio Web workshop series - Day 1
UiPath Studio Web workshop series  - Day 1UiPath Studio Web workshop series  - Day 1
UiPath Studio Web workshop series - Day 1
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 

devise tutorial - 2011 rubyconf taiwan

  • 1. BUILD YOUR AUTHENTICATION SYSTEM WITH DEVISE Tse-Ching Ho (何澤清) 2011-08-26
  • 2. HTTPS://GITHUB.COM/TSECHINGHO/DEVISE_TUTORIAL git clone git://github.com/tsechingho/devise_tutorial.git
  • 3. AGENDA • OmniAuth Client Application providers: Facebook, Twitter, Github • OpenID Client Application providers: Google, Yahoo, Google Apps • LDAP Client Application providers: Localhost OpenLDAP • CAS Client Application providers: Localhost CAS
  • 5. ABOUT AUTHENTICATION • authentication and authorization are two things • authentication is just an identity token / ticket • can use multi authentication providers on one site • one user can have many authentications
  • 6. DEVISE - OMNIAUTH WAY [diagram; labels: customer, devise, omniauth, CAS server (username/password), OAuth providers, OpenID providers, LDAP providers, 3rd party providers]
  • 7. WHAT DO WE NEED ?
  • 9. POSSIBLE DB SCHEMA
      users (Model: User) and managers (Model: Manager), identical columns
        has_many :authentications, :as => :resource
        has_one :profile, :as => :resource
        id                      integer
        email                   string
        encrypted_password      string
        reset_password_token    string
        reset_password_sent_at  datetime
        remember_created_at     datetime
        sign_in_count           integer
        current_sign_in_at      datetime
        last_sign_in_at         datetime
        current_sign_in_ip      string
        last_sign_in_ip         string
        created_at              datetime
        updated_at              datetime
      authentications (Model: Authentication)
        belongs_to :resource, :polymorphic => true
        id                      integer
        resource_id             integer
        resource_type           string
        provider                string
        uid                     string
        uname                   string
        umail                   string
        created_at              datetime
        updated_at              datetime
      profiles (Model: Profile)
        belongs_to :resource, :polymorphic => true
        id                      integer
        resource_id             integer
        resource_type           string
        first_name              string
        last_name               string
        fullname                string
        nickname                string
        created_at              datetime
        updated_at              datetime
  • 11. FEATURES OF DEVISE • rack - simple and fast • strategies - logical and flexible • modularity - maintainable rails engine • multi-models - signed in at the same time • extensions - diversity • authentication scheme with general user’s needs
  • 12. BUILT-IN MODULES • Database authenticatable • Token authenticatable • Omniauthable • Confirmable • Recoverable • Registerable • Rememberable • Trackable • Timeoutable • Validatable • Lockable • Encryptable
  • 13. EXTENSION MODULES • ORM • Encryption • Authentication • UI enhancement • https://github.com/plataformatec/devise/wiki/Extensions
  • 14. FILTERS & HELPERS • authenticate_user! • user_signed_in? • current_user • user_session • user_root_path
  • 16. GIT LOGS ARE FRIENDS
  • 17. NEW RAILS APP • rails new devise_tutorial -JTd mysql • cd devise_tutorial • vim Gemfile • bundle install • rails generate scaffold page title:string content:text • rake db:create • rake db:migrate • rails server bundle exec unicorn -p 3000 • tail -f log/development.log
  • 19. DEPLOY TO HEROKU • git checkout heroku • heroku keys:add • heroku create • git push heroku master • heroku rake db:setup • heroku open
  • 21. DEVISE CUSTOMIZATION • config - set configurations for devise • migrations - set database fields • models - select modules, set attributes • routes - set uri mapping • controllers - set filters and redirects • views - set html and css
  • 22. rake middleware
      use ActionDispatch::Static
      use Rack::Lock
      use ActiveSupport::Cache::Strategy::LocalCache
      use Rack::Runtime
      use Rails::Rack::Logger
      use ActionDispatch::ShowExceptions
      use ActionDispatch::RemoteIp
      use Rack::Sendfile
      use ActionDispatch::Callbacks
      use ActiveRecord::ConnectionAdapters::ConnectionManagement
      use ActiveRecord::QueryCache
      use ActionDispatch::Cookies
      use ActionDispatch::Session::CookieStore
      use ActionDispatch::Flash
      use ActionDispatch::ParamsParser
      use Rack::MethodOverride
      use ActionDispatch::Head
      use ActionDispatch::BestStandardsSupport
      use Warden::Manager
      run DeviseTutorial::Application.routes
  • 24. rake routes
      manager_root                 GET    /pages/:id(.:format)               {:controller=>"pages", :id=>"management", :action=>"show"}
      new_manager_session          GET    /managers/sign_in(.:format)        {:controller=>"devise/sessions", :action=>"new"}
      manager_session              POST   /managers/sign_in(.:format)        {:controller=>"devise/sessions", :action=>"create"}
      destroy_manager_session      DELETE /managers/sign_out(.:format)       {:controller=>"devise/sessions", :action=>"destroy"}
      manager_password             POST   /managers/password(.:format)       {:controller=>"devise/passwords", :action=>"create"}
      new_manager_password         GET    /managers/password/new(.:format)   {:controller=>"devise/passwords", :action=>"new"}
      edit_manager_password        GET    /managers/password/edit(.:format)  {:controller=>"devise/passwords", :action=>"edit"}
                                   PUT    /managers/password(.:format)       {:controller=>"devise/passwords", :action=>"update"}
      cancel_manager_registration  GET    /managers/cancel(.:format)         {:controller=>"devise/registrations", :action=>"cancel"}
      manager_registration         POST   /managers(.:format)                {:controller=>"devise/registrations", :action=>"create"}
      new_manager_registration     GET    /managers/sign_up(.:format)        {:controller=>"devise/registrations", :action=>"new"}
      edit_manager_registration    GET    /managers/edit(.:format)           {:controller=>"devise/registrations", :action=>"edit"}
                                   PUT    /managers(.:format)                {:controller=>"devise/registrations", :action=>"update"}
                                   DELETE /managers(.:format)                {:controller=>"devise/registrations", :action=>"destroy"}
      user_root                    GET    /pages/:id(.:format)               {:controller=>"pages", :id=>"dashboard", :action=>"show"}
      new_user_session             GET    /users/sign_in(.:format)           {:controller=>"devise/sessions", :action=>"new"}
      user_session                 POST   /users/sign_in(.:format)           {:controller=>"devise/sessions", :action=>"create"}
      destroy_user_session         DELETE /users/sign_out(.:format)          {:controller=>"devise/sessions", :action=>"destroy"}
      user_password                POST   /users/password(.:format)          {:controller=>"devise/passwords", :action=>"create"}
      new_user_password            GET    /users/password/new(.:format)      {:controller=>"devise/passwords", :action=>"new"}
      edit_user_password           GET    /users/password/edit(.:format)     {:controller=>"devise/passwords", :action=>"edit"}
                                   PUT    /users/password(.:format)          {:controller=>"devise/passwords", :action=>"update"}
      cancel_user_registration     GET    /users/cancel(.:format)            {:controller=>"devise/registrations", :action=>"cancel"}
      user_registration            POST   /users(.:format)                   {:controller=>"devise/registrations", :action=>"create"}
      new_user_registration        GET    /users/sign_up(.:format)           {:controller=>"devise/registrations", :action=>"new"}
      edit_user_registration       GET    /users/edit(.:format)              {:controller=>"devise/registrations", :action=>"edit"}
                                   PUT    /users(.:format)                   {:controller=>"devise/registrations", :action=>"update"}
                                   DELETE /users(.:format)                   {:controller=>"devise/registrations", :action=>"destroy"}
      root                                /(.:format)                        {:controller=>"pages", :action=>"show"}
  • 26. PROVIDER - USER DB SCHEMA
      users (Model: User)
        has_many :authentications, :as => :resource
        has_one :profile, :as => :resource
        id                      integer
        email                   string
        encrypted_password      string
        reset_password_token    string
        reset_password_sent_at  datetime
        remember_created_at     datetime
        sign_in_count           integer
        current_sign_in_at      datetime
        last_sign_in_at         datetime
        current_sign_in_ip      string
        last_sign_in_ip         string
        created_at              datetime
        updated_at              datetime
      authentications (Model: Authentication)
        belongs_to :resource, :polymorphic => true
        id                      integer
        resource_id             integer
        resource_type           string
        provider                string
        uid                     string
        uname                   string
        umail                   string
        created_at              datetime
        updated_at              datetime
  • 28. OMNIAUTH MIDDLEWARES
      rake middleware
      use ActionDispatch::Static
      ......
      use ActionDispatch::BestStandardsSupport
      use Warden::Manager
      use OmniAuth::Strategies::Facebook
      use OmniAuth::Strategies::Twitter
      use OmniAuth::Strategies::GitHub
      use OmniAuth::Strategies::OpenID
      use OmniAuth::Strategies::OpenID
      use OmniAuth::Strategies::OpenID
      use OmniAuth::Strategies::GoogleApps
      use OmniAuth::Strategies::GoogleApps
      run DeviseTutorial::Application.routes
  • 29. DEVISE OMNIAUTH ROUTES • /users/auth/:provider(.:format) { :controller => "users/omniauth_callbacks", :action => "passthru" } • user_omniauth_callback /users/auth/:action/callback(.:format) { :controller => "users/omniauth_callbacks", :action => /facebook|twitter|github/ }
  • 30. NEEDS OF OAUTH • create new app record for each client site • app id and app secret are required • callback url must match • access token / error message will append to callback url • specific yaml pattern for user auth data
  • 31.
      ---
      provider: facebook
      uid: "1290347368"
      credentials:
        token: 49923..........6RqGc
      user_info:
        nickname: tsechingho
        email: tsechingho@gmail.com
        first_name: Tse-Ching
        last_name: Ho
        name: Tse-Ching Ho
        image: http://graph.facebook.com/1290347368/picture?type=square
        urls:
          Facebook: http://www.facebook.com/tsechingho
          Website:
      extra:
        user_hash:
          id: "1290347368"
          name: Tse-Ching Ho
          first_name: Tse-Ching
          last_name: Ho
          link: http://www.facebook.com/tsechingho
          username: tsechingho
          hometown:
            id: "110922325599480"
            name: Taichung, Taiwan
  • 33. developers.facebook.com NEW FACEBOOK APP https://developers.facebook.com/apps
  • 34. developers.facebook.com CORRECT APP SETTINGS app id, app secret, site url, site domain are required.
  • 35. facebook.com FACEBOOK USER PANEL http://www.facebook.com/settings?tab=applications https://developers.facebook.com/docs/reference/api/permissions/
  • 36. FACEBOOK OAUTH WORK FLOW facebook.com • ca_file / ca_path • /users/auth/facebook • users/omniauth_callbacks#passthru • https://www.facebook.com/connect/uiserver.php • /users/auth/facebook/callback?code=xxxxxx
  • 38. dev.twitter.com NEW TWITTER APP https://dev.twitter.com/apps/new use http://127.0.0.1 for localhost
  • 39. dev.twitter.com CORRECT APP SETTINGS consumer key, consumer secret, callback url are required.
  • 40. twitter.com TWITTER USER PANEL you can stop it, not remove it.
  • 41. TWITTER OAUTH WORK FLOW api.twitter.com • /users/auth/twitter • users/omniauth_callbacks#passthru • https://api.twitter.com/oauth/authenticate • /users/auth/twitter/callback?code=xxxxxx • twitter auth data is too big for cookies session store • no email in user auth data
  • 43. github.com NEW GITHUB APP https://github.com/account/applications/new
  • 44. github.com CORRECT APP SETTINGS client id, client secret, callback url are required.
  • 45. github.com GITHUB APP/USER PANEL ? Don’t delete oauth application, otherwise you have to create new one.
  • 46. GITHUB OAUTH WORK FLOW github.com • /users/auth/github • users/omniauth_callbacks#passthru • https://github.com/login/oauth/authorize • /users/auth/github/callback?code=xxxxxx
  • 49. SIGN IN GOOGLE ACCOUNT
  • 50. GOOGLE OPENID WORK FLOW • ca_file / open_id_store • /users/auth/google • users/omniauth_callbacks#passthru • https://www.google.com/accounts/o8/ud • https://accounts.google.com/o/openid2/auth • https://www.google.com/accounts/o8/id?id=xxxxxx • /users/auth/google/callback
  • 51. YAHOO
  • 52. SIGN IN YAHOO ACCOUNT
  • 53. YAHOO OPENID WORK FLOW • ca_file / open_id_store • /users/auth/yahoo • users/omniauth_callbacks#passthru • https://open.login.yahooapis.com/openid/op/auth • https://login.yahoo.com/config/login • https://me.yahoo.com/a/xxxxxx • /users/auth/yahoo/callback
  • 55. SIGN IN GOOGLE ACCOUNT http://www.google.com/enterprise/marketplace/ http://developer.googleapps.com/marketplace/getting-started
  • 56. GOOGLE APPS OPENID WORK FLOW • ca_file / open_id_store • /users/auth/gmail • users/omniauth_callbacks#passthru • https://www.google.com/accounts/o8/ud?source=gmail.com • https://accounts.google.com/o/openid2/auth • https://www.google.com/accounts/o8/id?id=xxxxxx • /users/auth/gmail/callback
  • 59. USERNAME VS UNCHANGEABLE EMAIL
  • 60. ONE EMAIL - ONE USER VS ONE USER - MULTI EMAILS
  • 61. IF EMAIL OF PROVIDER USER CHANGED, THEN >.<
  • 62. PUBLIC EMAIL ADDRESS VS PROVIDER - UID PAIR
  • 63. WHO AM I ?
  • 64. ONE PROVIDER - ONE USER VS ONE USER - MULTI PROVIDERS
  • 65. OWN LOCAL USER FIRST OR OWN PROVIDER USER FIRST
  • 66. ONE USER MULTI MAILS MULTI PROVIDERS
  • 68. TUTORIALS • http://www.communityguides.eu/articles/11 • http://www.communityguides.eu/articles/16 • http://railscasts.com/episodes/235-omniauth-part-1 • http://railscasts.com/episodes/236-omniauth-part-2 • https://github.com/plataformatec/devise/wiki/Example-Applications
  • 70. Q&A
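
Slides 59 to 66 weigh a public e-mail address against the provider - uid pair as the key for a provider account. The following is an added example, not code from the deck or the devise_tutorial repository: a plain-Ruby model of the authentications table that keys every sign-in on the provider and uid fields of the slide 31 data. `IdentityStore`, `resolve` and the status symbols are hypothetical names, and refusing to link on a matching e-mail alone is an assumed policy.

```ruby
# Added example. IdentityStore and resolve are hypothetical names; the two
# Structs stand in for the deck's User and Authentication models (no Rails).
User = Struct.new(:id, :email)
Authentication = Struct.new(:resource_id, :provider, :uid, :uname, :umail)

class IdentityStore
  attr_reader :users, :authentications

  def initialize
    @users = []
    @authentications = []
  end

  # auth: hash shaped like the provider data on slide 31.
  # current_user: the user already signed in locally, or nil.
  # Returns [status, user].
  def resolve(auth, current_user = nil)
    provider = auth['provider'].to_s
    uid = auth['uid'].to_s
    raise ArgumentError, 'provider and uid are required' if provider.empty? || uid.empty?

    info = auth['user_info'] || {}
    link = @authentications.find { |a| a.provider == provider && a.uid == uid }
    if link
      # Known provider-uid pair. Refuse to move it to a different signed-in user.
      return [:linked_elsewhere, nil] if current_user && current_user.id != link.resource_id

      # Refresh the copied name and e-mail only; a changed provider e-mail
      # still resolves to the same local user.
      link.uname = info['nickname']
      link.umail = info['email']
      return [:signed_in, @users.find { |u| u.id == link.resource_id }]
    end

    email = info['email'] # nil for Twitter, per slide 41
    if current_user.nil? && email && @users.any? { |u| u.email == email }
      # Assumed policy: a matching e-mail alone never attaches a new provider
      # identity to an existing account; the owner must sign in first.
      return [:sign_in_to_link, nil]
    end

    user = current_user || add_user(email)
    @authentications << Authentication.new(user.id, provider, uid, info['nickname'], email)
    [current_user ? :linked : :created, user]
  end

  private

  def add_user(email)
    user = User.new(@users.size + 1, email)
    @users << user
    user
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample callbacks (not real accounts).
  store = IdentityStore.new
  fb = { 'provider' => 'facebook', 'uid' => '1001',
         'user_info' => { 'nickname' => 'alice', 'email' => 'alice@example.test' } }
  p store.resolve(fb).first
  fb['user_info']['email'] = 'alice@new.example.test'
  p store.resolve(fb).first
end
```

In a Rails app the same lookup belongs in the `users/omniauth_callbacks` controller actions, with a unique index on `provider` and `uid` in the authentications table.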