Rails Devise OmniAuth Facebook Login from iOS
You may want to take a look here:
Open Source: Announcing devise-iOS For Simplified Auth
It looks like a relatively painless way to work with Rails / Devise and iOS. I definitely plan on using it in my next project.
Have you looked into making your app an Oauth2 provider?
I haven't done this myself, but after some digging it looks like opro and doorkeeper are two possible solutions to the problem.
https://github.com/opro/oprohttps://github.com/doorkeeper-gem/doorkeeper
looks like opro works pretty well with devise:
#inside initializers/opro.rbOpro.setup do |config| config.auth_strategy = :deviseend
Definitely interested to see how this turns out for you
I think you have the right plan. We've done exactly this in our app and Web service.
The apps use a REST API, basic authentication over HTTPS, a server-generated password, and all of this is implemented without Devise. There's a method in the controller that all the API controllers inherit from, that is a before_action for all the API methods, and it calls 'authenticate_or_request_with_http_basic'
class ApiController < ActionController::Base before_action :authenticate_api def authenticate_api authenticate_or_request_with_http_basic do |username, password| # check server-generated password end endend
So that handles most requests.
We also have a API controller action to register from the device once to get that server-generated password:
class UsersController < ApiController skip_before_action :authenticate_api, only: [:register_fb] def register_fb graph = Koala::Facebook::API.new(params.require("access_token")) profile = graph.get_object("me?fields=email,first_name,last_name") # then go on to look up user if already exists, or create # ... return server-generated password endend
The Web app, however, all controllers inherit from WebappController and use devise.
Thus we have two passwords on the User object (one for web, one for mobile) and a facebook ID as well as our own User id which is the one we use for authentication.