OmniAuth VS developers

I've seen the Omniauth gem. But based on this gist it seems this gem is more suitable for web apps. Here is the quote from that gist.

In many cases, this convenient multi-provider authentication is powered by a library called OmniAuth. OmniAuth is a flexible and powerful authentication library for Ruby that allows you to integrate with multiple external providers.

Omniauthable: adds OmniAuth support.

:omniauthable is a special module in devise but it's also in charge of a very common feature: letting users log in by using a user's session from another website, e.g. Facebook, Google, Twitter, Github, etc. It's kind of delegating authentication work to those big tech companies. Nowadays, most companies follow OAuth's standards to build the authentication workflow (OAuth always means OAuth 2.0 in this article). However, each company may have different dialects when you communicate via OAuth. This module is called :omniauthable because devise has integrated with the gem omniauth, which provides a unified interface to realize the login process via OAuth.

If you want more details, the google authentication is one of many strategies for OmniAuth.

# https://github.com/omniauth/omniauth # https://github.com/settings/applications/new # echo > config/initializers/omniauth.rb # config/initializers/omniauth.rb Rails.application.config.middleware.use OmniAuth::Builder do provider :github, "GITHUB_ID", "GITHUB_SECRET" end

In general, even though the Hanami ecosystem lacks any "plug-and-play" solutions such as Devise, you can use many existing libraries not tightly coupled to Ruby on Rails. For authentication, you can use Warden, OmniAuth or Rodauth. For uploads there is Shrine. The pagination is built into ROM. Integration with exception catchers such as Rollbar is easy.

In this article, I show how to set up the rodauth-omniauth gem I had created in a Rails app, and customize the flow. This gem provides a much more integrated solution compared to Devise, in the sense that it implements the OmniAuth callback phase, automatically registering the user and/or logging them in, and persisting their external identities. It supports multiple providers, and essentially codifies this OmniAuth guide.

OmniAuth provides a standardized interface for authenticating with various external providers. Once the user authenticates with the provider, it's up to us developers to handle the callback and implement actual login and registration into the app. There is a wiki page laying out various scenarios that need to be handled if you want to support multiple providers, showing that it's by no means a trivial task.

My memory is failing me on the specifics, but I posted this issue on roda, which then led to this other issue in omniauth, plus 2 MRs on omniauth and rack-protection for doc updates.

So for that, we need a few details that we'll get from the GitHub OAuth Page. There we have to Register a new App to get the required details. To register our app we'll need our callback URL, It looks like this: https://.supabase.co/auth/v1/callback . After that, we'll enable our GitHub Auth.

🟡 Development app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT DEV Environment Homepage URL: http://localhost:3000 Authorization callback URL: http://localhost:3000/api/auth/callback/github 🟢 Production app setup Navigate to GitHub OAuth Apps setup https://github.com/settings/developers Create a New OAuth App https://github.com/settings/applications/new Fill in the following details Application name: Azure ChatGPT Production Homepage URL: https://YOUR-WEBSITE-NAME.azurewebsites.net Authorization callback URL: https://YOUR-WEBSITE-NAME.azurewebsites.net/api/auth/callback/github ⚠️ After completing app setup, ensure your environment variables locally and on Azure App Service are up to date.

Navigate to the GitHub Oauth Apps developer settings at https://github.com/settings/developers and create a new oauth app.

We'll go through a similar process for setting up GitHub credentials. For GitHub, go to Settings and then to Developer Settings (bottom left of the page), and then select OAuth Apps. Configure your OAuth app similarly to what's shown below. You can put whatever you'd like in the Homepage URL field.

To do this, we need to first create a new GitHub OAuth App. Click on “New OAuth app” and fill out the form accordingly with your website information. Here are some important things to note about the information requested by the form:

Go to https://github.com/settings/developers and create a new OAuth application and choose New OAuth App.

Head over to GitHub Developer Settings, click OAuth Apps on the left and then click the "New OAuth app" button. It's gonna ask you a few questions. Enter http://localhost:5173 for the homepage URL and http://localhost:5173/login for the callback URL, and fill the rest as you like. We're giving localhost addresses because we have to test our app before deploying to its final URL. You can just update the URLs when you deploy or create a new app and keep this one for testing and development.

Go into your Developer Settings and create a new OAuth App. Name, homepage etc. are not important, but the Authorization callback URL needs to point to your Auth0 Tenant. You can get the domain in your Auth0 application settings: https://.auth0.com.

For Github, head over to your Settings > Developer Settings > OAuth apps and create a new app.