Hello. I have a devise gem installed, I want to, after authorization on the devise gem, I can log in via vk. Please help with the implementation, especially with the routing. Skype is welcome. Thank you very much in advance!

  • So what have you tried? omniauth-vkontakte set? - D-side
  • @ D-side heme added, did everything as in habrahabr.ru/post/142128 until the moment where they turn on the server. I have constant errors with routing, they say, there are no such routes and still knocks out errors on attr_accessible: email,: password,: password_confirmation,: remember_me attr_accessible: nickname,: provider ,: url ,: username - basania
  • There, if anything, the rails are used 3.2.3, when the current 4.2, and on the threshold of 5.0. Step-by-step guides to old versions are dangerous to follow. On the whole, step-by-step tutorials without an explanation of "why", and "what it means" (which this article on Habré is also) for beginners, IMHO, are even harmful. I had an example for facebook on interviews, there are also absolutely no explanations, “how”, but it works (although it is for OAuth2 both a provider and a client). Understood a couple of days. I will prepare an explanation of how time will be. - D-side
  • @ D-side thanks a lot. Can you somehow be contacted or add friends to you in some network so that you can ask in a more convenient form for correspondence? - basania
  • I have contacts on the site, but it’s preferable to have a chat room here so that other members of the community can also get involved. - D-side

1 answer 1

Actually, everything is about the same as with Facebook, following the example of the Devise wiki .

Inside it works quite simply:

  1. You follow the link from your site, it redirects to VC.
  2. VK asks for your permission, then redirects you back to the site, adding an access code to the link.
  3. The site uses the access code to get the requested data from the provider.

In the center of everything: the user allows the site to access its information. And this information gives OmniAuth a pair of id providers, sufficient for authentication.

To ensure all this, you need (in a fresh project):

  1. Add devise and omniauth-vkontakte to Gemfile , install.
  2. Install Devise: rails g devise:install and edit the created devise.rb :
    • At this stage, you will need to enter data about your application , which serves as a "representation" of your site in the VC. You will need an "application ID" and "secure key". Closer to the bottom of devise.rb is an example of specifying the OmniAuth provider for github : you need to write a similar line for vkontakte .
    • Keep in mind that the key and application ID should not be published, VC considers that only you know them, so if you publish the source code, pull this data from the outside using solutions like figaro or config , as I did here .
  3. Create a User model and add the provider and uid fields there, plus make changes to the model file itself:
    • rails g devise User uid provider will do the necessary migration, but you should double-check it for fields you do not need.
    • Add the devise to the arguments in the model :omniauthable, omniauth_providers: [:vkontakte]

  4. Almost all! It remains to make a return point from VC to the site, which will accept the access code and retrieve the necessary data with its help.

    • Create a new controller that inherits from Devise::OmniauthCallbacksController
    • Make there a vkontakte method

    • Go to the routes ( routes.rb ) and specify this controller there:

       devise_for :users, # <- внимание, запятая, вызов ещё не кончился controllers: { omniauth_callbacks: "users/omniauth_callbacks" } # У меня контроллер Users::OmniauthCallbacksController

Done! Yes seriously. True, in this form there is no practical benefit from this, but you have everything you need:

  • In the vkontakte method added above, all the information coming from the VC is available at request.env["omniauth.auth"] - you probably want to do / find the user with this information and log in for it (and you can be sure that this information is correct).
  • The whole process from the user’s side is initiated by navigating to the address generated by the user_omniauth_authorize_path user_omniauth_authorize_path(:vkontakte) , which is reasonable to pack into a link and show only to guests.

Then you should do some cleaning (isolate application data from the source code, for example) and "failures processing" (what if the user refuses to give data? ).

Here is a sketched hastily example on a githaba . The vkontakte method in it does nothing but call the debugger session, allowing you to inspect the context in which the program finds itself. This, in general, is enough to make sure that it works.

  • Thank you so much for such a detailed guide! I will try and I am sure that there will be questions arising in the process. Do not say goodbye :) - basania
  • Where to get application ID and secure key? - basania
  • @basania in the control panel for developers in VK. - D-side
  • Thank. If I already have a similar migration, but not the one I need, and from that migration, the fields got into schema.rb. How to remove these fields from schema.rb without consequences? - basania
  • @basania schema.rb is only a copy of the state of the database and does not necessarily reflect the consequences of the application of all migrations (although in a good way, it should). You can do quite a lot in migration. - D-side