about 13 years ago

OmniAuth - 實作多方認證的最佳實踐 (4)

兩週前談到 OmniAuth,還剩下最後一篇欠稿:實作篇。來還債了...

本來還在煩惱怎樣給出一個 demo app。剛好最近幫忙翻修 http://ruby-taiwan.org。網站的 0.3 => 1.0 的升級就是出於筆者之手。

乾脆拿這個網站直接來講...

若最後還是看不懂示範的可以直接 clone 專案下來直接 copy。

Install Devise

  1. 安裝 Devise
  2. rails g devise User 產生 User model
  3. rails g model Authorization provider:string user_id:integer uid:string 產生 Authorization Model

User has_many Authorizations

class User < ActiveRecord::Base
  has_many :authorizations


class Authorization < ActiveRecord::Base
  belongs_to :user

Install OmniAuth

  • 安裝 OmniAuth 1.0
  • 安裝 omniauth-github 與 omniauth-twitter
Gemfile 
 gem 'devise', :git => 'https://github.com/plataformatec/devise.git'
 gem "omniauth"
 gem "omniauth-github"
 gem "omniauth-twitter"
  • 定義 :omniauthable

在 User model 內加入 :omniauthable

 devise :database_authenticatable, :registerable,
        :recoverable, :rememberable, :trackable, :validatable, :omniauthable
  • extend OmniauthCallbacks

User model extend OmniauthCallbacks

app/model/user.rb 
class User < ActiveRecord::Base
  extend OmniauthCallbacks
` * 新增 `app/model/users/omniauth_callbacks.rb` 具體內容請看這裡 主要是拿 callbacks 回來的東西 new_from_provider_data 塞進去。先找有沒有,有找到回傳 user。沒找到從 data 裡塞資料進去,同時建立 provider 與 uid 關係。 ## 設定 route 與 controller `config/routes.rb` 
  devise_for :users, :controllers => { 
    :registrations => "registrations",
    :omniauth_callbacks => "users/omniauth_callbacks" 
  } do
    get "logout" => "devise/sessions#destroy"
  end

app/controllers/users/omniauth_callbacks_controller.rb

具體內容看這裡 https://github.com/rubytaiwan/ruby-taiwan/blob/master/app/controllers/users/omniauth_callbacks_controller.rb

光用 app/model/users/omniauth_callbacks.rbapp/controllers/users/omniauth_callbacks_controller.rb 這兩招就可以把 callback 和 provider 切得很漂亮了。

申請 OAuth

各大網站都有審請 OAuth 的機制:

如果你是使用 ruby-taiwan 這個 project 的話

** 一定得這樣填,亂改炸掉別怪我.. **

設定 token

key 設定都放在這裡 config/initializers/devise.rb

https://github.com/rubytaiwan/ruby-taiwan/blob/master/config/initializers/devise.rb

config/initializers/devise.rb 
  config.omniauth :github, Setting.github_token, Setting.github_secret
  config.omniauth :twitter, Setting.twitter_token, Setting.twitter_secret
  config.omniauth :douban, Setting.douban_token, Setting.douban_secret
  config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'), :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id', :require => 'omniauth-openid'

Link Helper

可看 https://github.com/rubytaiwan/ruby-taiwan/blob/master/app/views/devise/sessions/new.html.erb

          <li><%= link_to "Twitter", user_omniauth_authorize_path(:twitter) %> </li>
          <li><%= link_to "Google", user_omniauth_authorize_path(:google) %> </li>
          <li><%= link_to "Github", user_omniauth_authorize_path(:github) %> </li>
          <li><%= link_to "Douban", user_omniauth_authorize_path(:douban) %> </li>

小結

這樣就設完了,非常乾淨。如果有任何問題歡迎上 http://ruby-taiwan.org 討論。
← 對於使用 Render Partial 的一些誤解 如何運用 / 設計 Rails Helper (1) →
 
comments powered by Disqus