As you have an oauth provider using `Doorkeeper` and other oauth applications (clients). Its annoying when you have not already logged in to the provider app and you clicked `Sign In With Main App‘ button in the login page. Then the main app throws you at the login page. When you have to go to the login page in your client app and do the login all over again. This is so annoying.
If you want to get auto redirected to the client app after filling the sign-in form in the main app(provider app) then here is the solution
# Change the ORM that doorkeeper will use (needs plugins)
# This block will be called to check whether the resource owner is authenticated or not.
user_id = session["warden.user.user.key"] rescue nil
User.find_by_id(user_id) || begin
session['user_return_to'] = request.url
`begin .. end` block
In the snipped above; you have seen `begin` which might be new to you been used in such scenario.
`begin` is some how like a `do`..`end` closure however this cannot be stored in a variable.
- its executed in the instant and binding its defined.
- it returns the last statement executed inside it
- returning from it returns from its container function
> a= begin
# => 13
If you already have billing/shipping address and payment info of the store in the OAuth provider [eg. some app with Doorkeeper]; and you don’t want to let your users go through the hassle to fill the form all over again, then, you can reuse the data. For this, you need to return the info along with user info from the OAuth provider in the response.
# in /app/models/spree/user_decorator.rb
class << self
spree_user = get_or_set_user(auth_data)
# Extract address info from the payload and update
# can update only shipping or both address with same data
set_shipping_address(spree_user, auth_data) if spree_user.ship_address.nil?
set_billing_address (spree_user, auth_data) if spree_user.bill_address.nil?
# You might also import PaymentSource info from parent app
# Ex: User has already submitted payment info [CreditCard info] and
# and you have Stripe PaymentSource Id, then you can import the data
# along with other info. I recommend you to use HTTPS for this.
set_payment_source(spree_user, auth_data) if spree_user.payment_sources.blank?
# Set user's role; say in parent app the user is Admin, then you
# might want to set that user as an Admin in child app as well.
# See the function definition below
# Need to return the user object
# all the methods assisting '
from_omniauth' will go below here
Its simple using doorkeeper to allow some trusted client/apps to allow access without manual acceptance. It helps you to connect two applications seamlessly.
# In initializers/doorkeeper.rb
# Under some circumstances you might want to have applications auto-approved,
# so that the user skips the authorization step.
# For example if dealing with a trusted application.
# > client
# => #<Doorkeeper::OAuth::Client:0x00000006d5f5b0
# id: 1,
# name: "store",
# uid: "6ccaad72daa4f60f8a26ad1a7432e895ad12f6ecd816150c4a162b253cd7c2bd",
# secret: "7e1bfb8e5ddc481021d9ebf445c438537c45734ad04dd51fa3cdeb8d2b5b47f2",
# redirect_uri: "http://localhost:3001/users/auth/myapp/callback",
# scopes: "",
# created_at: Sat, 05 Mar 2016 16:24:56 UTC +00:00,
# updated_at: Sun, 06 Mar 2016 04:12:01 UTC +00:00>>
# > resource_owner
# => #<User:0x00000006d56b68
# id: 4,
# email: "firstname.lastname@example.org",
# encrypted_password: "$2a$10$Jz9aj4gc2fZGPSc2tPYwU.
skip_authorization do |resource_owner, client|
client.name == 'store'