制定Omniauth和iPhone / Android应用程序应用程序、Omniauth、iPhone、Android
我已经设置了用户认证为我的Rails应用程序与制订和Omniauth。 现在我想知道我应该开始使用相同的身份验证为Android和iPhone应用程序,我想创建。
I've set up user auth for my rails App with Devise and Omniauth. Now I'm wondering where I should start to use the same auth for an Android and iPhone app I want to create.
我应该用我的/认证/ Facebook的移动版或者我应该直接发送从应用程序的要求?
Should I use a mobile version of my /auth/facebook or should I directly send a request from the app ?
这是一个相当普遍的问题,但我发现无处可看。
This is a quite general question, but I've found nowhere to look at.
编辑:我刚刚加入令牌身份验证的应用程序与基于REST的API来使用,我只是缺少Omniauth / Facebook的令牌部分
EDIT : I've just added Token Auth to the app to use with the RESTful api, I'm just missing the Omniauth/Facebook-token part.
推荐答案
好了,所以我回答我自己的问题。
Alright, so I'm answering my own question.
如果您使用的Facebook SDK ,SSO的作品在设备上相当不错,但,令牌您接收是不一样的对视了一眼,你对你的Rails应用程序会接收。显然,Facebook的创建不同的令牌取决于支持。
If you use the Facebook SDK, the SSO works quite good on the device, BUT, the token you receive is not the same as the one you're gonna receive on your Rails App. Apparently Facebook creates different tokens depending on the support.
所以,我所做的是:有一次,我收到Android设备上的记号,我就应用程序通过URL发送给我的导轨:
So what I did was: Once I receive the token on the Android device, I send it to my rails app via the url:
http://myapp/check_mobile_login?token=FB_MOBILE_TOKEN
这是然后用我的应用程序控制器,它使用令牌与fb_graph宝石获取用户数据的捕获。如果令牌是有效的,我会接受一些条信息。然后我检查我的数据库,并且,如果我发现了相同的UID,那么我的用户进行身份验证,我送他回Authentificable_token的设计。
This is then caught by my Application controller, which uses the Token with the fb_graph gem to fetch user data. If the Token is valid I'm going to receive some pieces of information. I then check with my database, and, if I find the same UID, then my user is authenticated and I send him back the Authentificable_token from Devise.
而$草案C $ C:
def check_mobile_login
token = params[:token]
user = FbGraph::User.me(token)
user = user.fetch
logged = User.find_by_uid(user.identifier)
respond_to do |format|
format.html # index.html.erb
format.json { render :json => logged.authentication_token }
end
end
如果任何人有一个更好的解决方案,我会很高兴地听到:)
If anyone has a better solution, I would be glad to hear that :)
