一.修改Gemfile
1 2 3 4 5 6 7 |
gem 'omniauth' gem 'omniauth-facebook','1.4.0' gem 'certified' gem 'thin' |
二.新增必要controller/action
1 2 3 4 |
rails g controller signup index rails g controller login index |
三.修改/config/routes.rb
1 2 3 4 5 6 7 8 9 |
get '/signup'=>'signup#index' get '/signup/index'=>'signup#index' get '/auth/:provider/callback'=>'signup#create' get '/login'=>'login#index' get '/login/index'=>'login#index' get '/login/logout'=>'login#logout' |
四. 新增/config/initializer/omniauth.rb
1 2 3 4 5 6 7 8 9 |
Rails.application.config.middleware.use OmniAuth::Builder do provider :facebook, 'appid', 'app-secret', :scope => 'email,read_stream,publish_stream,user_about_me,user_birthday,offline_access,user_relationships, user_likes,user_education_history,user_hometown,user_relationship_details,user_location,user_website, user_work_history,publish_actions' OmniAuth.config.on_failure = SignupController.action(:failure) end |
五.修改views/login/index.html.erb
1 2 3 4 |
<a href="/auth/facebook">facebook login</a> 點了後會導向facebook做認證 |
六.singup_controller新增create/failure action
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
def index //do something end def create auth_hash = request.env['omniauth.auth'] if auth_hash uid = auth_hash['uid'].to_s authUser = UserAuth.where(login_type:1).where(login_id:uid).first //上面只是要從db找看看user存不存在,不一定是UserAuth這個table,這裡儲存在UserAuth,所以從這找 // login_type=>使用者從facebook登入為1 , login_id=>就是facebook的uid if authUser //更新token else //無該使用者,新增user end //存session後倒回首頁 else //使用者按了授權卻找不到資料就導回首頁 end end def failure flash[:notice] = '您尚未經過認證' redirect_to :controller=>:signup,:action=>:index end #修改玩記得重跑thin |
- 使用者認證後的fb資料都從request.env[‘omniauth.auth’]找,=>auth_hash = request.env[‘omniauth.auth’]
- token從auth_hash[‘credentials’][‘token’]找
- provider從auth_hash[‘provider’]找
- uid從auth_hash[‘uid’]找
七.測試看看
- url連到/login/index,點選facebook登入,這時應該會導到facebook頁面,使用者點取消會跑signup_controller 的failure action,使用者若按確定會跑signup_controller的create action
以上就是全部步驟囉
參考文件
- http://takobear.weebly.com/12/post/2013/08/omniauth-ror-facebook.html
- http://www.liujie.org.cn/archives/271
- http://blog.xdite.net/posts/2155-omniauth-clean-auth-provider-4
- http://blog.unayung.cc/posts/912-devise
- https://github.com/alex-klepa/rails4-bootstrap-devise-cancan-omniauth
- https://github.com/rubytaiwan/ruby-taiwan/tree/master/app/models
- https://github.com/plataformatec/devise/wiki/How-Tos
- http://pivotallabs.com/facebook-and-googleplus-javascript-sdk-sign-in-with-devise-ror/
- http://rubydoc.info/github/plataformatec/devise/master/frames/index
- http://bernardi.me/using-multiple-omniauth-providers-with-omniauth-identity-on-the-main-user-model/
- http://communityguides.heroku.com/articles/11
- https://github.com/intridea/omniauth-identity
- http://stackoverflow.com/questions/18310409/defining-model-relations-between-identity-and-user-using-omniauth-and-devise
- http://stackoverflow.com/questions/14647681/use-separate-authentication-model-with-devise-on-rails