ABOUT AUTHENTICATION
• authentication and authorization are two things
• authentication is just an identity token / ticket
• can use multi authentication providers on one site
• one user can have many authentications
DEVISE - OMNIAUTH WAY
[Diagram: devise and omniauth; labels include username / password, server, and Oauth, OpenID, LDAP, CAS, customer and 3rd party providers]
FEATURES OF DEVISE
• rack - simple and fast
• strategies - logical and flexible
• modularity - maintainable rails engine
• multi-models - signed in at the same time
• extensions - diversity
• authentication scheme with general user’s needs
DEVISE CUSTOMIZATION
• config - set configurations for devise
• migrations - set database fields
• models - select modules, set attributes
• routes - set uri mapping
• controllers - set filters and redirects
• views - set html and css
NEEDS OF OAUTH
• create new app record for each client site
• app id and app secret are required
• callback url must match
• access token / error message is appended to the callback url
• specific yaml pattern for user auth data
TWITTER USER PANEL
twitter.com
you can stop it, not remove it.
TWITTER OAUTH WORK FLOW
api.twitter.com
• /users/auth/twitter
• users/omniauth_callbacks#passthru
• https://api.twitter.com/oauth/authenticate
• /users/auth/twitter/callback?code=xxxxxx
• twitter auth data is too big for cookies session store
• no email in user auth data
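An added example (not from the slides) for the last two points of the Twitter work flow and for "one user can have many authentications": plain Ruby that trims a constructed auth hash before it goes into a cookie session, keys identities on provider plus uid, and asks for an email instead of guessing one. `Accounts`, `slim_auth`, `fits_in_cookie?` and the sample data are hypothetical names, not Devise or OmniAuth API.

```ruby
require "json"

COOKIE_LIMIT = 4096 # bytes a cookie-backed session can hold

# Constructed sample shaped like an OmniAuth Twitter auth hash:
# no email under "info", and a bulky "extra" section.
SAMPLE_AUTH = {
  "provider" => "twitter", "uid" => "12345",
  "info" => { "nickname" => "alice", "name" => "Alice Example", "email" => nil },
  "credentials" => { "token" => "constructed-token", "secret" => "constructed-secret" },
  "extra" => { "raw_info" => { "padding" => "x" * 5000 } }
}.freeze

# Keep only what a sign-up form needs; drop "extra" and the provider tokens
# so they never travel to the browser inside the session cookie.
def slim_auth(auth)
  { "provider" => auth.fetch("provider"), "uid" => auth.fetch("uid").to_s,
    "info" => auth.fetch("info", {}).slice("nickname", "name", "email") }
end

def fits_in_cookie?(data)
  JSON.generate(data).bytesize < COOKIE_LIMIT
end

# Hypothetical in-memory stand-in for the users / authentications tables.
class Accounts
  def initialize
    @by_identity = {} # [provider, uid] => user hash
  end

  # Returns [status, payload]. Identity is keyed on provider + uid, never on email.
  def callback(auth, current_user = nil)
    key = [auth.fetch("provider"), auth.fetch("uid").to_s]
    owner = @by_identity[key]
    # An identity already owned by someone else must not be re-linked.
    return [:conflict, nil] if owner && current_user && !owner.equal?(current_user)
    return [:signed_in, owner] if owner
    return [:linked, (@by_identity[key] = current_user)] if current_user
    email = auth.dig("info", "email").to_s.strip
    # No email from the provider: return the slim hash so the session can
    # carry it to a form that asks the user for one.
    return [:need_email, slim_auth(auth)] if email.empty?
    [:created, (@by_identity[key] = { email: email })]
  end
end
```

In a Rails app the cookie session store raises `ActionDispatch::Cookies::CookieOverflow` once the cookie exceeds 4096 bytes, which is what storing the full auth hash triggers.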