I know this has been asked many times, but the answers are never quite acceptable to me.
So, I follow Ryan Bates' Railscast about this topic and mix it with the official Devise Omniauth guide (based on FB), but I just do not work as I expect, so I would like to help.
I have Users::OmniauthCallbacksController that looks like this:
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController def all @user = User.from_omniauth(request.env["omniauth.auth"]) if @user.persisted? sign_in_and_redirect root_path, :event => :authentication #this will throw if @user is not activated set_flash_message(:notice, :success, :kind => "Twitter") if is_navigational_format? else session["devise.twitter_data"] = request.env["omniauth.auth"].except("extra") flash[:notice] = flash[:notice].to_a.concat resource.errors.full_messages redirect_to new_user_registration_url end end alias_method :twitter, :all def failure redirect_to root_path end end
Then I also have two methods on my User.rb
def self.from_omniauth(auth) where(provider: auth.provider, uid: auth.uid).first_or_create do |user| user.update( email: auth.info.email, password: Devise.friendly_token[0,20], username: auth.info.nickname, remote_avatar_url: auth.info.image, token: auth.credentials.token, secret: auth.credentials.secret ) end end def self.new_with_session(params, session) super.tap do |user| if data = session["devise.twitter_data"] # user.attributes = params user.update( email: params[:email], password: Devise.friendly_token[0,20], username: data["info"]["nickname"], remote_avatar_url: data["info"]["image"], token: data["credentials"]["token"], secret: data["credentials"]["secret"] ) end end end
I am facing a lot of problems. The most immediate, because I set the password, the user does not know the password when trying to log in (and I do not sign them automatically when confirming).
But if I do not set a password, he does not ask them to set a password ... so that is also strange.
These are my settings for my User model:
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :confirmable, :omniauthable, :omniauth_providers => [:twitter] validates :username, presence: true, uniqueness: { case_sensitive: false } validate :validate_username def validate_username if User.where(email: username).exists? errors.add(:username, :invalid) end end
So my question is when someone signs up via Twitter, do they need to enter a password? I will automatically send them to registration/new.html.erb anyway, because Twitter does not return an email value. But I'm trying to just get the process to work first before optimizing it.
How do I solve a password problem?
Change 1
For clarity, I will have to deal with this password_required problem, regardless of the OAuth provider.
So, how do I override this requirement for all OAuth providers?