Skip to content Skip to sidebar Skip to footer
Gems & Tools Rails Basics

Authenticate Your Users With Doorkeeper In Rails

August 8, 2022 0
Share This Article
Share Post
Doorkeeper in Rails
Doorkeeper in Rails

This tutorial will show you how to implement Doorkeeper in Rails. Doorkeeper is a Ruby gem that allows you to easily add OAuth 2.0 provider functionality to your Ruby on Rails application.

Installing Doorkeeper

Installing Doorkeeper is straightforward; you need to add it to your Gemfile:

gem 'doorkeeper'

And then run bundle install.

Once you have installed Doorkeeper, you need to run the rails generate doorkeeper:install command to generate the necessary migration files.

After you have run the migrations, you need to add the doorkeeper_for :all method to your routes.rb file.

Rails.application.routes.draw do
  root to: "home#index"
  doorkeeper_for :all
  # The rest of your routes...
end

This will add the /oauth/authorize and /oauth/token routes to your application.

Now you need to create an initializer for Doorkeeper.

# config/initializers/doorkeeper.rb
Doorkeeper.configure do
  # other settings...
end

The most important setting that you need to configure is the resource_owner_authenticator block. This block is used to authenticate the resource owner (usually the current user).

For example, if you are using Devise for authentication, you can use the following code:

Doorkeeper.configure do
  # other settings...
  resource_owner_authenticator do
    current_user || warden.authenticate!(:scope => :user)
  end
end

Another important setting is the resource_owner_from_credentials block. This block is used to find the resource owner using the OAuth 2.0 credentials.

For example, if you want to allow users to log in using their username and password, you can use the following code:

Doorkeeper.configure do
  # other settings...
  resource_owner_from_credentials do |routes|
    User.find_by(username: params[:username])
  end
end

Once you have configured the initializer, you can start the server and access the /oauth/applications route to register your first OAuth application.

Auth Token

After you have registered your application, you will be able to get the client_id and client_secret values, which you need to use when making OAuth requests.

You can use the doorkeeper_oauth_token method to get an access token for a given user.

access_token = Doorkeeper::OAuth::Token.new(
  :resource_owner_id => current_user.id,
  :scopes => "public",
  :expires_at => 1.hour.from_now,
  :application => {
    :id => 1,
    :name => "My App",
    :redirect_uri => "http://localhost:3000/callback"
  }
)
access_token.save!

This access token can be used to make authenticated requests to your API on behalf of the user.

Summary

Doorkeeper is a Ruby gem that makes it easy to add OAuth 2.0 provider functionality to your Ruby on Rails application.

Installing Doorkeeper is straightforward; you need to add it to your Gemfile and run the rails generate doorkeeper:install command to generate the necessary migration files.

After you have installed Doorkeeper, you need to add the doorkeeper_for :all method to your routes.rb file.

The most important setting that you need to configure is the resource_owner_authenticator block. This block is used to authenticate the resource owner (usually the current user).

Another important setting is the resource_owner_from_credentials block. This block is used to find the resource owner using the OAuth 2.0 credentials.

Finally, you can use the doorkeeper_oauth_token method to get an access token for a given user.

This access token can be used to make authenticated requests to your API on behalf of the user.

Check out our other posts:

Tags:
1LikeShare Post
Hide comments

Leave a comment