Use OmniAuth to Authenticate Using a Third Party

OmniAuth is a Rails API for doing OAuthOAuth is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. style authentication. It wraps the specifics of many popular services, providing us with a single API. With a few lines of code, we can allow users to log in with, say, X (formerly know as Twitter) and not have to create an authentication system of our own.

It works by redirecting our users to the third-party site, having that site do the authentication, and then redirecting back to us. OmniAuth handles the specifics of integrating with each site that we choose to support (we can use as many different third parties as we want). See the figure below for more clarification on this.

Note that in step 5 (in the figure below), we will need to store some unique identifiers passed from the service to associate with the user in our app. We must take care of what we choose to use for this value. For example, users can change their email or username without necessarily changing their identity in our service.