JWT VS rodauth-rails

To authenticate our users, we need to add jwt gem to our Gemfile

jwt is a Ruby implementation of the RFC 7519 OAuth JSON Web Token standard. bcrypt is a Ruby binding for the OpenBSD bcrypt() password hashing algorithm.

ruby-jwt is fairly easy to use on it's own without Devise. You might try that first and only add Devise if needed.

Generally speaking, the larger the application, the more internal and external services it has to talk to. External services usually have their own way of authenticating and authorizing third party API calls. With internal systems however, organisations prefer to use JWT tokens because of their inherent flexibility and versatility. A sample JWT based handshake between 2 rails applications using ruby-jwt would look like this -

Interesting. What's the difference between this and the standard ruby-jwt? https://github.com/jwt/ruby-jwt

jwt - encoding and decoding jwt oauth

Decoding JWTs is simple whit the help of an already implemented solution. In this section, I'll be using the ruby-jwt.

In this article, I would like to show how to set each of these up in a Rails app that uses rodauth-rails. I'll be using Safari on macOS Ventura, and have iCloud Keychain sync enabled, which is a requirement for Apple passkeys.

Once I felt things were functioning well enough, I extracted the glue code into the rodauth-rails gem and added tests. I also included an install generator, which created the initial skeleton with sensible default configuration. A new Roda superclass provided a convenience configure method for loading the Rodauth plugin together with the rails feature.

FWIW I'm using rodauth and I like it: https://github.com/janko/rodauth-rails

My question is pretty much in the title. Is it possible to do Omniauth in a Rails API Only app? I've been looking into devise-token-auth and rodauth-rails. rodauth-rails has a tutorial for Omniauth (https://github.com/janko/rodauth-rails/wiki/OmniAuth), but it is using a Rails monolith.

I didn't create it, it was created by Jeremy Evans, I just contribute to it occasionally ;). I created the Rails integration, because I wanted to bring it into the Rails ecosystem, and I recently started recording screencasts. So I'm biased in that sense :)

maybe https://github.com/janko/rodauth-rails

$/myapp> bundle info rodauth-rails * rodauth-rails (0.18.1) Summary: Provides Rails integration for Rodauth. Homepage: https://github.com/janko/rodauth-rails Path: /Users/shino/.rbenv/versions/3.0.0/lib/ruby/gems/3.0.0/gems/rodauth-rails-0.18.1

I don't know if you've seen, but I wrote a guide that shows an integration, which you can use for now. This is also what the official demo Rails app uses.