2

I'm current trying to implement a login with google as a option to make easier for the user to login and create user.

I have a Rails API that uses devise to login, and a front using React that makes requests to that Rails 5 API.

Im not sure if I have to do all this login on back end or at front end, my greatest problem is create a user when login with google, because I cannot create a user without a password.

I never created this kinda of login system so I'm not sure how works, I believe I have to implement all in back end, using the google oauth gem, but I wanna know if someone has tips how to do it.

Should I use react components only? Rails gems only? or both is the correct answer?

Thank you.

Improve this question

1 Answer 1

Reset to default
3

I could give you the direction.

At first, you have to figure out which kind of grant flow you are going to use in OAuth provider.

There are four ways to do it, I only list the most common two ways.

  1. Code Grant Flow (Used in website, omniauth-google or similar gem using this way)

  2. Implicit Grant Flow (Native app, it means you have to do the OAuth flow in front-end)

If you are going to implement API server, you should consider the second way.

Because API server should be stateless, the first way need session to save the state of OAuth flow.

Besides, devise is not a good idea to implement API server, you should consider jwt or something token-based authentication.

Although, you could enable session store within rails API to use devise or omniauth-series.

If you want to do all the OAuth in front-end, go with the second way.

Or you could simply add button link to your OAuth callback URL in your react component, then your web server will deal with your OAuth flow(This is the first way).

After considering your situation, I suggest you go with the first way.

Because there are many resources of devise and omniauth-series you could find on the internet.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.