Mastering GitHub OmniAuth Integration in Ruby on Rails: A Step-by-Step Guide

Photo by Roman Synkevych on Unsplash

Step 1:

1. Go to the GitHub Developer Settings page: https://github.com/settings/developers
2. Click on the “New OAuth App” button.

3. Fill in the required fields:

4. Application Name: Choose a name for your application.

5. Homepage URL: This should be the URL of your application’s home page.
6. Authorization callback URL: This should be the URL where GitHub will redirect users after authentication. For development, use something like [http://localhost:3000/auth/github/callback](http://localhost:3000/auth/github/callback.).

4. Click on “Register application” to create the OAuth application.

5. Once created, take note of the “Client ID” and “Client Secret” values, as you’ll need them later.

Step 2: Add the omniauth-github gem

In your Rails application’s Gemfile, add the following line:

gem 'omniauth-github’
gem "omniauth-rails_csrf_protection"

Then run bundle install in your terminal.

Step 3: Configure OmniAuth

First define your application id and secret in config/initializers/devise.rb. 273 no line. Configuration options can be passed as the last parameter here as key/value pairs.

config.omniauth :guthub, 'github_CLIENT_ID', 'github_CLIENT_SECRET', {}

Then add the following to ‘config/routes.rb’so the callback routes are defined.

devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }

Make sure your model is omniauthable. Generally this is /app/models/user.rb

devise :omniauthable, omniauth_providers: [:github]

Then make sure your callbacks controller is setup app/controllers/users/omniauth_callbacks_controller.rb:

# app/controllers/users/omniauth_callbacks_controller.rb:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def github
# You need to implement the method below in your model (e.g. app/models/user.rb)
@user = User.from_omniauth(request.env['omniauth.auth'])

if @user.persisted?
flash[:notice] = I18n.t 'devise.omniauth_callbacks.success', kind: 'Github'
sign_in_and_redirect @user, event: :authentication
else
session['devise.github_data'] = request.env['omniauth.auth'].except('extra') # Removing extra as it can overflow some session stores
redirect_to new_user_registration_url, alert: @user.errors.full_messages.join("\n")
end
end
end

and bind to or create the user model/user.rb

def self.from_omniauth(access_token)
data = access_token.info
user = User.where(email: data['email']).first

# Uncomment the section below if you want users to be created if they don't exist
unless user
user = User.create(
email: data['email'],
password: Devise.friendly_token[0,20]
)
end
user
end

That’s it! Your app now supports GitHub authentication.

If your face any error, like can not verify CSRF token, then add this command in controller/application_controller.rb

skip_before_action :verify_authenticity_token