Authentication With Context

For whatever reason, you might want users to authenticate into your web application using Facebook, Twitter, etc. There are many useful tutorials for this, and as usual with Rails development, Railscasts offers some nice tutorials to get up and running quickly.

Beyond simple authentication, it's often useful to know the context that authentication occurs in on the server side of a web application. What if my app is supposed to behave differently depending on where I authenticate from, or rather (to get all fancy about it), the state of authentication? \n\nTo see an example of this, checkout this sample Rails application that uses the Facebook Javascript SDK and the omniauth-facebook gem (also, feel free to checkout the codebase on GitHub.

The app has three separate "doors" that the user can authenticate with. When we click on one of the choices, we pass this in as a URL parameter within the FB.login() function and authenticate via Facebook.

    // app/assets/javascripts/main.js
    FB.login(function(response) {
      if (response.authResponse) {
        document.location = '/auth/facebook?door='+door.toString()

Facebook then redirects us to '/auth/facebook/callback', the app's callback url. In this app, we've mapped this callback url to MainController#auth_callback, and it's here where we can find out which door the user has chosen. Within the controller action, the specific hash where you can grab this data is env["omniauth.params"] (as found in this Stackoverflow question).

    # app/controllers/maincontroller.rb
def auth
callback omniauthparams = env["omniauth.params] chosendoor = omniauth_params["door"]

      if !omni_auth_params.blank?

This is vaguely referenced on the omniauth-facebook readme on GitHub. Confusingly, the omniauth-facebook documentation states that you must use a "state" parameter in the url, but I've found that you can pass in arbitrarily named parameters just fine."

Inaugural Post

Hello, Internet!

This is the inaugural post on this post-modern, stream-of-consciousness experiment of a semi-professional blog that I've made from scratch, via the Rails and Backbone frameworks (here's Ryan Bates' Railscast that inspired this decision). Why make a blog from the ground up, since there's plenty of blog frameworks out there? I guess I can't resist the allure of the associated cool points. Many Bothans died to bring this little blog.

I plan to use this space to journal about any projects I might be working on and to write down things I discover along the way that others might find helpful (if you somehow couldn't Google the answer on Stack Overflower already). That, and I figure the Internet always needs more movie references and GIFs, right?