ansaurus

Question

Rails 3 using Devise: How to allow someone to log in using their Facebook account?

Answer 1

A:

http://github.com/grimen/devise_facebook_connectable

This gem on github is quite straightforward. Worth a shot!

morcutt 2010-08-28 00:30:50

does not work with Rails 3: http://www.railsplugins.org/plugins/179-devise-facebook-connect

Andrew 2010-08-28 01:03:19

Answer 2

+7 A:

I checked the devise github page to see what they were up to. That project is moving pretty fast and as it happens they have support for facebook connect amongst other things. Check out the section on OAuth2. They use github as an example but it would be the same thing for facebook and they mention differences. I think this is the way to go, third party gems for devise don't move as fast as devise or rails do. Cheers.

Oops here's the link http://github.com/plataformatec/devise

Edit

Of course I did very little coding here mostly went with the default, so here goes:

Create a new app and add these gems to the gemfile.

gem 'devise', :git => 'git://github.com/plataformatec/devise.git'
gem 'oauth2', :git => 'git://github.com/intridea/oauth2.git'

Run bundle install, then these commands gets you going with a basic User authentication model.

rails generate devise:install
rails generate devise User

In config/initializers/devise.rb uncomment/modify these. Look at the last paragraph as to where you get app_key and secret from facebook.

config.oauth :facebook, 'app_key', 'secret',
    :site              => 'https://graph.facebook.com',
    :authorize_path    => '/oauth/authorize',
    :access_token_path => '/oauth/access_token'

This should be your user model.

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable, :lockable, :timeoutable and :oauthable
  devise :database_authenticatable, :oauthable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me

  def self.find_for_facebook_oauth(access_token, signed_in_resource=nil)
    # Get the user email info from Facebook for sign up
    # You'll have to figure this part out from the json you get back
    data = ActiveSupport::JSON.decode(access_token)

    if user = User.find_by_email(data["email"])
      user
    else
      # Create an user with a stub password.
      User.create!(:name => data["name"], :email => data["email"], :password => Devise.friendly_token)
    end
  end
end

Devise uses a root :to => "something#here" so I created a home controller with a index action and used that to root the application. But nevermind that. I put that in layout/application.html.erb so that I had basic sign_n sign_out routes.

<span>
  <%- if user_signed_in? %>
    <%= "Signed in as #{current_user.full_name}. Not you?" %>
    <%= link_to 'Sign out', destroy_user_session_path %>
  <%- else %>
    <%= link_to 'Sign in', new_user_session_path %>
  <%- end %>
</span>

Devise pretty much takes care of everything else for us. What you do need to do though is get your app_key and secret from facebook (used in devise.rb config file). This link should get you going. http://developers.facebook.com/setup

Hugo 2010-08-31 15:41:40

I think you are right. Facebook's new authentication API uses OAuth2. I have never worked with OAuth, nor Facebook, nor Devise. So I could use some extra help. Could you elaborate on what I would need to do in order to get it working with Facebook?

Andrew 2010-08-31 19:39:02

Sure I'll take a crack at it, I'll work something out later this evening and post you some code to get you going.

Hugo 2010-08-31 20:01:38

Thanks! Your answer was very helpful.

Andrew 2010-09-06 01:47:04

Answer 3

+1 A:

This blog post did it for me. Give it a look.

Mike Williamson 2010-09-03 01:03:28

That's a great post. Thanks for that.

Andrew 2010-09-06 01:45:50

Answer 4

+2 A:

Just used Hugo solution with almost no problem. Here is the User.rb code I had to use :

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable, :lockable, :timeoutable and :oauthable
  devise :database_authenticatable, :oauthable

  # Setup accessible (or protected) attributes for your model
  attr_accessible :name, :email, :password, :password_confirmation, :remember_me

  def self.find_for_facebook_oauth(access_token, signed_in_resource=nil)
    # Get the user email info from Facebook for sign up
    # You'll have to figure this part out from the json you get back

    data = ActiveSupport::JSON.decode(access_token.get('https://graph.facebook.com/me?'))

    logger.info("received from Facebook: #{data.inspect}")

    if user = User.find_by_email(data["email"])
      user
    else
      # Create an user with a stub password.
      User.create!(:name => data["name"], :email => data["email"], :password => Devise.friendly_token)
    end
  end
end

The things changed in this code :

name is in attr_accessible (don't forget to add a name field to user)
changed JSON decoding

Chris 2010-09-09 21:25:42

ansaurus

tags:

views:

answers:

Rails 3 using Devise: How to allow someone to log in using their Facebook account?

related questions