简体繁体 English

Ember简单身份验证设计

[英]LTI OAuth to Rails/Ember/Ember Simple Auth Devise

原文 2017-02-13 20:18:47 8 1 ruby-on-rails/ ember.js/ devise/ ember-simple-auth/ lti

I have an existing Rails application that uses Devise for auth. 我有一个使用Devise进行身份验证的现有Rails应用程序。 I have been adding an Ember application, using Ember-CLI-Rails with Simple Auth. 我一直在使用Ember-CLI-Rails和Simple Auth添加一个Ember应用程序。 Everything is working just fine. 一切正常。

But I now have an additional complication, which is that a third party organization would like to be able to automatically register/login users using LTI/OAuth –– so that they can jump straight from their application to ours without having to register or login, and then start working in our application as logged in users. 但是，我现在有一个额外的麻烦，那就是第三方组织希望能够使用LTI / OAuth自动注册/登录用户-以便他们可以直接从其应用程序跳转到我们的应用程序，而无需注册或登录，然后以登录用户的身份开始在我们的应用程序中工作。

I'm having trouble wrapping my head around if and how this can all fit together and work? 我是否无法将其缠绕在一起以及如何将它们全部组合在一起并工作？

I'm thinking through the possibility that I move login/session back to Rails? 我在考虑是否有可能将登录/会话移回Rails？ Or that I could possibly have multiple auth types in Simple Auth? 还是在简单身份验证中可能有多种身份验证类型？ etc. 等等

Any thoughts or advice on this much appreciated! 任何想法或意见对此表示赞赏！

1 个解决方案

You can roll your own Oauth piggybacking on Devise 您可以在Devise上搭载自己的Oauth

The provided example is for Facebook, but you'll use this Omniauth strategy 提供的示例适用于Facebook，但是您将使用此Omniauth策略

Essentially what you need to do is construct your own Oauth 2.0 Omniauth strategy, add Omniauthable functions (from Devise) to your users, extending your own custom callbacks controller, and a custom user constructor that reads data from the Oauth handshake. 本质上，您需要做的是构造自己的Oauth 2.0 Omniauth策略，向用户添加Omniauthable函数（来自Devise），扩展自己的自定义回调控制器，以及从Oauth握手中读取数据的自定义用户构造函数。