Using OAuth2 with Sorcery Gem

Irwin Chan
Oct 8, 2015 · 3 min read

The team is busy coding away and adding more features to our final project, Homegrown. Today, I’ll go over what we learned in class about implementing OAuth.

OAuth is an open standard for authorization. It’s a great way to allow users to sign up for your site using an account they already have, like Facebook, Twitter or Google. This lowers the barrier to entry for new users, because who likes to waste time filling out registration forms and having to remember yet another password? This is especially important for the mobile experience: the less typing they have to do on their mobile device, the better!

For more on OAuth2, check out this great tutorial at Digital Ocean.

We learned how to implement OAuth2 with our OpenTable clone assignment, Seat Yourself, which allowed us to register for the app using our GitHub account! To implement this feature, we’ll be using a submodule of the Sorcery gem called External. So first, we need to install the submodule:

Great, now in your app directory, find and open the sorcery.rb file. In that file, we uncommented “config.external_providers” and added GitHub as the provider. You can add multiple providers here, like Facebook or Twitter, but we’re just using GitHub for our project.

Scrolling down, you’ll see the GitHub-specific configuration options. You’ll need to uncomment those as well.

You need to get your configuration key and secret key by going to GitHub > Settings > Application. Click on the Developer applications tab, and click “Register new application”. Complete the process to get your keys! Copy and paste your GitHub client ID and client secret into the corresponding fields:

Finally, uncomment “user.authentication_class” and set it to “Authentication”

Now let’s open up our User model (user.rb). You’ll notice the installer has already added “authenticates_with_sorcery!”, but we’ll need to add more:

We’ll add a link to our applications.html.erb, which will give the user an option to log in with GitHub:

OK! Let’s generate the Authentication model:

And the OAuths controller:

In our OauthsController we need the following methods. These are just copied and pasted from Sorcery’s External tutorial, with a small modification to use auth_params instead of just params:

The oauth method will redirect the user to the provider we have set up, which is GitHub in our case.

The callback method is the one GitHub will call: GitHub will send a GET or POST request to our server through some route, which will end up calling the callback method.
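To make the two actions concrete, here is an added example in plain Ruby (not code from the original post or from Sorcery) of what the redirect and the callback involve at the protocol level, including a per-session state value and a provider allowlist. The callback URL, the GITHUB_KEY environment variable name and the helper names are assumptions.

```ruby
require "securerandom"
require "uri"

# Assumptions for this sketch: provider list, callback URL and env variable name.
AUTHORIZE_ENDPOINTS = { "github" => "https://github.com/login/oauth/authorize" }.freeze
CALLBACK_URL = "http://localhost:3000/oauth/callback?provider=github" # constructed

class OauthError < StandardError; end

# Constant-time comparison so the state check does not leak where strings differ.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Role of the `oauth` action: send the browser to the provider.
# The random state is kept in the session so the callback can be tied to it.
# The client ID comes from the environment rather than from a committed file.
def authorize_redirect(provider, session, client_id: ENV.fetch("GITHUB_KEY", "constructed-id"))
  endpoint = AUTHORIZE_ENDPOINTS.fetch(provider) { raise OauthError, "unknown provider" }
  session[:oauth_state] = SecureRandom.hex(16)
  query = URI.encode_www_form(client_id: client_id, redirect_uri: CALLBACK_URL,
                              state: session[:oauth_state])
  "#{endpoint}?#{query}"
end

# Role of the `callback` action, before the code is exchanged for a token.
def verify_callback(params, session)
  provider = params["provider"].to_s
  raise OauthError, "unknown provider" unless AUTHORIZE_ENDPOINTS.key?(provider)
  expected = session.delete(:oauth_state).to_s # single use: a replay finds no state
  unless !expected.empty? && secure_equal?(expected, params["state"].to_s)
    raise OauthError, "state mismatch"
  end
  code = params["code"].to_s
  raise OauthError, "missing code" if code.empty?
  { provider: provider, code: code } # only the permitted keys, as with auth_params
end
```

The hash returned by verify_callback plays the same role as auth_params in the controller: nothing outside the expected keys reaches the login logic.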

Finally, the routes!

Now run rake db:migrate and you can log in with GitHub!

We’ll be sure to add OAuth to our Homegrown app! Be sure to follow me for more updates on our progress!

#Homegrown app is an app we’re developing for our final project at Bitmaker. It allows people with gardens to share and trade their produce with other people that have gardens!
