How I Patched Devise to Force Login for Twitter and Facebook

Here were some of the things that I had to do to Devise to get things working correctly with Twitter and Facebook. YMMV, as this was six months ago and I had some special requirements potentially.

# config/initializers/omniauth_patch.rb
# see
module OmniAuth
  module Strategies
    # override authorize path to force user to login each time
    class Twitter < OmniAuth::Strategies::OAuth
      def initialize(app, consumer_key = nil, consumer_secret = nil, options = {}, &block;)
        client_options = {
          :site => ''

        client_options[:authorize_path] = '/oauth/authorize'
        super(app, :twitter, consumer_key, consumer_secret, client_options, options)
# config/environments.rb

# Created multiple Facebook apps for testing because you can only have
# one per domain. One way to lessen these would be to set up, etc.
# since Facebook respects subdomains as being on the same domain. Would still need one for
# localhost testing though (unless I set up hosts file differently?)
# This seems simplest for now though.
id, secret = case ENV['RACK_ENV']
when 'production'
when 'staging'
config.omniauth :facebook, id, secret, { :display => :touch }

The last line ensures that we use the facebook touch view because I was only targeting mobile devices (iPhone). I’m not sure how we would easily do this at runtime besides further patching. Basically this limits us because we have to use the touch even though we want to use the web version on the web.

When signing out, I want to ensure that I sign out of all of the services that I might be signed into. I do a bit of a hack in the sign out view with:

Not you? #{link_to 'Sign out', ";=#{destroy_user_session_url}"}

Basically we ask facebook to sign us out first, and then go into the normal sign out.

Categories: development

« How to Write Without Reservations Slim "Failure/Error: render ActionView::Template::Error: Unexpected end of file" »