Doorkeeper Devise API User Authentication | Ruby On Rails 7 Tutorial

Published on Feb 16, 2025

Introduction

This tutorial guides you through creating a Rails authentication solution using Doorkeeper and Devise for your Ruby on Rails 7 application. This setup allows seamless login for both standard Rails applications and APIs. It is designed to be scalable for multiple APIs and addresses common challenges like mobile logins and managing client IDs and secrets.

Step 1: Create the Core Rails Application

  • Begin by creating a new Rails application.

  • Open your terminal and run:

    rails new my_app --api
    cd my_app
    
  • This sets up a lightweight Rails API-only application.

  • Ensure you have the required gems added in your Gemfile:

    gem 'devise'
    gem 'doorkeeper'
    gem 'rack-cors'
    
  • Run the following commands to install the gems:

    bundle install
    

Step 2: Set Up Devise

  • To set up Devise, run:

    rails generate devise:install
    
  • Follow the instructions that appear in your terminal to configure Devise in your application, including setting up the default URL options.

  • Generate a User model with Devise:

    rails generate devise User
    rails db:migrate
    

Step 3: Integrate Doorkeeper

  • To integrate Doorkeeper, run the following commands:

    rails generate doorkeeper:install
    rails generate doorkeeper:migration
    
  • Run the migration:

    rails db:migrate
    
  • Configure Doorkeeper by editing the config/initializers/doorkeeper.rb file to set up your OAuth settings.

Step 4: Create the API Application Controller

  • Generate a new controller for your API:

    rails generate controller Api::ApplicationController
    
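  • In the generated controller, use Doorkeeper's doorkeeper_authorize! helper to require a valid access token on every request:

    class Api::ApplicationController < ActionController::API
      # doorkeeper_authorize! is defined in Doorkeeper::Rails::Helpers, which the
      # gem includes in controllers automatically, so no extra include is needed.
      # Every controller inheriting from this class rejects requests that lack a
      # valid OAuth access token.
      before_action :doorkeeper_authorize!
    end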
    

Step 5: Create the Books Controller

  • Create an API controller for books:

    rails generate controller Api::Books
    
  • Implement actions in books_controller.rb for handling book-related requests.

Step 6: Create User Registrations Controller

  • Generate the user registrations controller:

    rails generate controller Api::Users
    
  • Implement user registration functionality. For example:

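    class Api::UsersController < Api::ApplicationController
      # Inherits before_action :doorkeeper_authorize!, so create is only
      # reachable with a valid access token.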
      def create
        user = User.new(user_params)
        if user.save
          render json: user, status: :created
        else
          render json: user.errors, status: :unprocessable_entity
        end
      end
    
      private
    
      def user_params
        params.require(:user).permit(:email, :password, :password_confirmation)
      end
    end
    

Step 7: Set Up Rack-CORS

  • Rack-CORS handles Cross-Origin Resource Sharing (CORS). The gem was already listed in Step 1; keep a single rack-cors line in the Gemfile, in this form:

    gem 'rack-cors', require: 'rack/cors'
    
  • Configure CORS in config/application.rb:

    config.middleware.insert_before 0, Rack::Cors do
      allow do
        origins '*'
        resource '*', headers: :any, methods: [:get, :post, :put, :patch, :delete, :options, :head]
      end
    end
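
With `origins '*'`, scripts served from any website may call the API and read its responses, so a deployed API usually lists its front-end origins instead. The following added example (not part of the tutorial, and a stand-alone model rather than rack-cors's own code) shows the origin decision a strict allow-list makes next to the wildcard; the origins in `ALLOWED_ORIGINS` and the function names are assumptions.

```ruby
require "uri"

# Constructed allow-list (assumed front-end origins; replace with your own).
# The matching rack-cors setting would be: origins "https://app.example.com", "http://localhost:5173"
ALLOWED_ORIGINS = ["https://app.example.com", "http://localhost:5173"].freeze

# Reduce an Origin header to scheme://host[:port]; nil for anything else
# (missing header, "null", non-http schemes, values carrying a path or userinfo).
def normalize_origin(value)
  uri = URI.parse(value.to_s.strip)
  return nil unless %w[http https].include?(uri.scheme) && uri.host
  return nil unless uri.path.to_s.empty? && uri.query.nil? && uri.userinfo.nil?

  port = uri.port == uri.default_port ? "" : ":#{uri.port}"
  "#{uri.scheme}://#{uri.host.downcase}#{port}"
rescue URI::InvalidURIError
  nil
end

# Strict policy: echo the origin back only on an exact allow-list match.
def cors_headers(origin_header, allowed = ALLOWED_ORIGINS)
  origin = normalize_origin(origin_header)
  return {} unless origin && allowed.include?(origin)

  { "Access-Control-Allow-Origin" => origin, "Vary" => "Origin" }
end

# What origins '*' amounts to: the same answer for every caller.
def wildcard_cors_headers(_origin_header)
  { "Access-Control-Allow-Origin" => "*" }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed Origin header values, including a look-alike host and "null".
  samples = ["https://app.example.com", "https://APP.example.com:443",
             "https://app.example.com.evil.test", "http://app.example.com", "null", nil]
  samples.each do |o|
    strict = cors_headers(o)["Access-Control-Allow-Origin"] || "(none)"
    loose = wildcard_cors_headers(o)["Access-Control-Allow-Origin"]
    puts format("%-36s strict=%-26s wildcard=%s", o.inspect, strict, loose)
  end
end
```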
    

Conclusion

You have successfully set up user authentication for your Rails application using Doorkeeper and Devise. This setup allows for secure login through APIs and can easily scale for future applications. Next steps could involve creating more complex API functionalities or integrating with front-end frameworks like React or Vue. Consider exploring additional Doorkeeper features for enhanced security and user management.