Rails Devise OmniAuth Facebook Login from iOS
You may want to take a look here:
Open Source: Announcing devise-iOS For Simplified Auth
It looks like a relatively painless way to work with Rails / Devise and iOS. I definitely plan on using it in my next project.
Have you looked into making your app an Oauth2 provider?
I haven't done this myself, but after some digging it looks like opro and doorkeeper are two possible solutions to the problem.
https://github.com/opro/oprohttps://github.com/doorkeeper-gem/doorkeeper
looks like opro works pretty well with devise:
#inside initializers/opro.rbOpro.setup do |config| config.auth_strategy = :deviseendDefinitely interested to see how this turns out for you
I think you have the right plan. We've done exactly this in our app and Web service.
The apps use a REST API, basic authentication over HTTPS, a server-generated password, and all of this is implemented without Devise. There's a method in the controller that all the API controllers inherit from, that is a before_action for all the API methods, and it calls 'authenticate_or_request_with_http_basic'
class ApiController < ActionController::Base before_action :authenticate_api def authenticate_api authenticate_or_request_with_http_basic do |username, password| # check server-generated password end endendSo that handles most requests.
We also have a API controller action to register from the device once to get that server-generated password:
class UsersController < ApiController skip_before_action :authenticate_api, only: [:register_fb] def register_fb graph = Koala::Facebook::API.new(params.require("access_token")) profile = graph.get_object("me?fields=email,first_name,last_name") # then go on to look up user if already exists, or create # ... return server-generated password endendThe Web app, however, all controllers inherit from WebappController and use devise.
Thus we have two passwords on the User object (one for web, one for mobile) and a facebook ID as well as our own User id which is the one we use for authentication.