Authentication in Ruby On Rails
As I was building my app for the rails portion of the flatiron program, one of my main goals was to get my user authentication running smoothly. I worked on it first, built a skeleton for the app so everything I needed to test them was present. And with very little fuss, I built the rest of my app. The End.
But of course it was not so simple. Somewhere along the way, something I did broke half of my user authentication. I had to have native and third party logins using Omni-auth and by the time my app was “done” Omni-auth no longer functioned. After a good deal of bug tracking I was able to figure out that the issue was being caused by the password validation in my user model. If the line that validates password presence was deleted, Omni-auth worked with no issue. But my native authentication now no longer worked. By fixing one I broke the other. And so began a deep dive of googling, hoping for an easy answer.
After several attempts with different solutions, I settled in on what would end up being the answer.
The answer was to tell the app that when it was using Omni-auth it didn’t have to verify a password, and when it was using native login, it would resume validating. The original code I found was doing the same thing but it required a bit of modification in order to actually work.
It needed some simple changes to fit with my existing code, and one other rather important one. In the password required method, there was nothing telling the app what to do if @called_omniauth returned as false, and in fact it ended up sending the same response no matter what value @called_omniauth had. All it needed was an if/else statement. It seems simple now in hindsight but this took many hours for me to figure out, with a lot of byebugs and database table drops to get clean data. The hardest thing for me was that I couldn’t find a clear picture of what the best way of dealing with this issue was. Normally google will provide countless results all providing essentially the same solution to any given problem. But in this case there seemed to be none of that redundancy. I felt like the only one having this problem, but could see no easy solution. So, if you are like me and are struggling to get your authentication working, I hope that this can give you some guidance, and get you on the right track.